React I get an Opaque JWT when I call getAccessTokenSilently, even after defining the audience and scope in the Provider

Hi,

I’m currently developing a React application using Auth0 for authentication. I have set up the Auth0Provider with the correct audience and I’m using the getAccessTokenSilently method to retrieve the access token.

However, I’m encountering an issue where I’m receiving an opaque token instead of the expected JWT token. This is causing problems when I try to use this token to authenticate with my API.

I am using the @auth0/auth0-react package with version "^2.0.1"

I have defined the audience and scope in the Provider in index.js as well:

 <Auth0Provider
        domain={process.env.REACT_APP_AUTH0_DOMAIN}
        clientId={process.env.REACT_APP_AUTH0_CLIENTID}
        authorizationParams={{
          redirect_uri: window.location.origin,
        }}
        audience="http://localhost:5000"
        scope="openid profile email"
      >
        <App />
      </Auth0Provider>

The audience I have specified is the audience of a valid API that I have created from my Auth0 dashboard. I am pretty confident the api has been set up correctly as well as the actual application which is OIDC conformant. I don’t know what to do. This is the example token I receive from getAccessTokenSliently:

Please help! Thanks!

Hi @authMemberuser ,

Thank you for describing your issue!

Did you first complied your app without setting the “audience” parameter and updated your code later?
Could you please restart your app / crash the process and start it again?

Please let us know if that worked!

Hi @marcelina.barycka , by ‘complied’, do you mean compiled, and I am assuming you are referring to my React frontend app right? If we are talking about the React frontend app, then Yes, I have terminated it, closed the terminal, and then restarted it again, but I still get the same issue.

Hi, I’m still having this issue

For anyone facing this same issue, I found the solution here: Invalid access token payload, jwt encrypted with A256GCM
It was indeed due to the audience not properly configured.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.