Securing API in Blazor WASM App

I’ve followed the blog post https://auth0.com/blog/securing-blazor-webassembly-apps/ in a new blazor WASM core hosted app, and the front-end authorization works fine, however I get the following error when trying to call an API with the “Authorize” attribute applied (with obfuscated data);

www-authenticate: Bearer error="invalid_token", error_description="The audience 'https://**{API ID}**, https://**{MY AUTH0 DOMAIN}**/userinfo' is invalid"

I’ve run the github solution you provide here https://github.com/auth0-blog/secure-blazor-wasm-quiz-manager fine and this works without issue, but I can’t find any (relevant) differences in my project to the repo.

When using a token decoder, I can see both projects include the same audiences, so i’m not sure why my project rejects these audiences!

2 posts were merged into an existing topic: Securing Blazor WebAssembly Apps