Hey @mjones, your code looks ok.
My only concern is about this:
Did you define the API identifier only in the API section of your Auth0 Dashboard?
Did you also assign it as the Default Audience in your tenant settings?
The error message you get leads me to think you didn’t.
Please, confirm me if you defined https://quizmgr_api as the Default Audience for your tenant.
Otherwise, I’m afraid I need all the HTTP requests exchanged with Auth0 at the login step to see which parameters are passed.