Securing API in Blazor WASM App

I’ve followed the blog post in a new blazor WASM core hosted app, and the front-end authorization works fine, however I get the following error when trying to call an API with the “Authorize” attribute applied (with obfuscated data);

www-authenticate: Bearer error="invalid_token", error_description="The audience 'https://**{API ID}**, https://**{MY AUTH0 DOMAIN}**/userinfo' is invalid"

I’ve run the github solution you provide here fine and this works without issue, but I can’t find any (relevant) differences in my project to the repo.

When using a token decoder, I can see both projects include the same audiences, so i’m not sure why my project rejects these audiences!

2 posts were merged into an existing topic: Securing Blazor WebAssembly Apps