Session token is returned to Auth0 is invalid

rudra.rahul71 · February 6, 2023, 2:55am

Have followed step by step guides provided by Auth0 here to redirect user after login to external site to collect info. I am currently attempting to send info back to Auth0 via signed session token. After trial and error I discovered that this token can be sent back to Auth0 via a parameter in the URL. however it still seems that I am receiving an error stating ‘The session token is invalid: Missing or invalid standard claims’.

as you can see, from my angular project I am simply decoding token passed by auth0 to create new token with my new data

then when redirecting back to auth0 I include my parameters for state and myToken

redirect worked as expected before inclusion of session token. but now in logs this is error I receive.

rasingh · September 22, 2023, 3:28pm

did you get this issue resolved?

rudra.rahul71 · September 22, 2023, 3:36pm

unfortunately I have not

zeebzog · September 22, 2023, 5:01pm

Hi,
If I understand you correctly, you have redirected to Auth0 universal login, is that correct? If you have the access_token returned back is opaque and cannot be decoded in the manner you are trying. The Id_token will be a standard JWT. A way to get round this is to change the audience to an API you might have associated with the app. In this way Auth0 will now return a normal JWT which can be decoded.

Topic		Replies	Views
Actions redirect on login, returning information Help login-experience , new-universal-login-experience	1	1232	January 8, 2024
Pass data back to auth0 login action fail Help jwt , login	0	1518	August 31, 2022
Session token is invalid Help extensibility , actions-extensibility	1	820	March 13, 2024
Invalid access_token JWT.io jwt , auth0	3	5371	March 28, 2020
How to Decode Session Tokens in Auth0 Actions Help login-experience , new-universal-login-experience	12	2380	January 22, 2024

Session token is returned to Auth0 is invalid

Related Topics