Hi, just a note to point out that there’s some config in the auth0-spa-js example app which is consumed in such a way as to trip up the unware or the stressed - specifically - if you look at auth_config.js it probably starts off looking like this…
{
"domain": "blah.auth0.com",
"clientId": "blahblahblah"
}
so, reading the docs, I needed to add an “audience” value so that getTokenSilently() would return a JWT. When I did this it didn’t work. I still received the “opaque” token.
The problem is here … in index.js…
ReactDOM.render(
<Auth0Provider
domain={config.domain}
client_id={config.clientId}
redirect_uri={window.location.origin}
onRedirectCallback={onRedirectCallback}
>
<App />
</Auth0Provider>,
document.getElementById("root")
);
If I don’t include.
audience={config.audience}
that new config item isn’t passed to Auth0.
In my opinion the config should be ingested using one technique only - either the entire config file, or, done in code as above. This tripped me up for several hours.