Auth0 Home Blog Docs

Problem with setting up auth0-authorization-extension-api




I want to setup authorization mechanism to my python flask application. I want o manipulate authorization of groups, users and etc… in my application.

After reading through these pages about how to setup authorization through extension



I added this decorator which is shown in the second link above (interesting thing is that I realized 2nd links decorator has the same decorator names with the 00-Starter-Seed app. So 2nd links decorator does authorization and authentication at the same time ?

def requires_auth(f): .. .. ..
But when I tried to work that decorator, I am getting this error

  "code": "Error decoding token headers.", 
  "description": "Invalid header. Use an RS256 signed JWT Access Token"

I doubted from maybe I understand the concept of implementing authorization in Auht0 wrong. So, what I understand from it is

1 - check needs to be made to determine whether the incoming request contains valid authorization information (jwt)

2- get access_token and use it in decorator

3-call the api to manipulate groups, users, etc, … (things I want to do through api) OR use it as function decorator to make use that function only be called by admin

what is the point I am not seeing or understanding wrong ?