ReactJS sdk is giving me a A256GCM encoded JWT

infodbio · February 17, 2025, 8:38pm

The ReactJS auth0 sdk is allowing my user to sign in successfully, but the JWT I receive after they login is the wrong encoded format.

In auth0 dashboard everything is set to RS256, I do not have encrypted tokens enabled.
My app is a Single Page App in auth0 dashboard.

In react I am logging in the user with this:

<button onClick={() => loginWithRedirect({
      audience: "<Auth0 Management API Audience>",
      scope: "openid profile email"
    })}>Log In</button>

Then I request the token like this:

const token = await getAccessTokenSilently({
        audience: "<Auth0 Management API Audience>",
      });

I searched the web yesterday and everyone was saying it’s because the audience was not specified when logging in & requesting the token, however, that did not resolve my issue when I applied the audience value.

nik.baleca · February 18, 2025, 12:22am

Hi @infodbio

Welcome to the Auth0 Community!

When you login to Auth0 and don’t specify an audience, you will get an opaque access token. It looks like a regular JWT, but actually it’s a self contained encrypted JWT. The only way to validate an opaque token is to call the server that issued the token, in this case the /userinfo endpoint.

In order to get an JWT. You need to create a custom api. Then use this as the audience in your react app to login:

<Auth0Provider
      domain="YOUR_AUTH0_DOMAIN"
      clientId="YOUR_AUTH0_CLIENT_ID"
      redirectUri={window.location.origin}
      audience="YOUR_API_IDENTIFIER"

This will provide you a JWT when you call the getAccessTokenSilently() method.

Then you can specify the same API as the audience in your api:

const jwtCheck = auth({
  issuerBaseURL: "https://<DOMAIN>", 
  audience: "YOUR_API_IDENTIFIER",
});

Hope this clarifies things a bit, let me know if you have any other questions or still having issues!

Kind Regards,
Nik

infodbio · February 18, 2025, 4:46pm

Thank you for your reply. I found the solution shortly after posting and forgot to update it, I had to add the audience and scope to my authorizationParams under my Auth0Provider

nik.baleca · February 18, 2025, 4:56pm

Hi again.

Thanks for letting us know and sharing the solution with us!

If you have any other questions, feel free ot leave another reply or post again on the community!

Kind Regards,
Nik

Topic		Replies	Views
Added Audience and STILL getting Opaque token instead of JWT token with React Help auth0-react , sdks-quickstarts	6	2709	July 19, 2023
React I get an Opaque JWT when I call getAccessTokenSilently, even after defining the audience and scope in the Provider Help auth0-react , sdks-quickstarts	5	789	March 12, 2024
Getting Opaque token instead of JWT token (Audience Added) Help auth0-react , sdks-quickstarts	2	700	March 14, 2024
React app, Receiving an Opaque Token when I should be receiving a JWT token supposedly Help configuration , application	2	339	February 20, 2024
Universal Login returns a Opaque token and not a JWT token Help jwt , auth0 , api	4	4365	May 19, 2020

ReactJS sdk is giving me a A256GCM encoded JWT

Related topics