Steps:
1. Go to the Auth0 dashboard
2. Select Users & Roles
3. Click on a user (this will bring me to a specific user's dashboard page)
4. Click the dropdown ‘SIGN IN AS USER’ at the top
5. Select the application I want to sign in to
6. Select the correct Callback URL from the dropdown: http://localhost:8080/auth/signed-in
7. Set the scope to ‘openid profile email’
8. Then copy the URL for the client-side app and paste it into the browser
Problem:
The callback URL it redirects to is:
http://localhost:8080/auth/signed-in#access_token= {opaque token}&scope=openid&expires_in=7200&token_type=Bearer
This doesn’t look like a valid access_token and it does not have the id_token.
When I log in normally and Auth0 redirects to the callback URL it looks like this:
http://localhost:8080/auth/signed-in#access_token= {token is here}
Question
How do I get an id_token and legit access_token from Auth0 when logging in as a user?
Hi @jpbamberg ,
Welcome to the Auth0 Community Forum! I edited the tokens out of your post as they are considered sensitive.
When you are requesting the token you are not setting the audience to your APIs, and are getting an opaque access token.
See:
Question: Why is my access token not a JWT? (Opaque Token)
Answer:
An access token will be issued in one of the following formats:
JSON Web Token (JWT) : Tokens that conform to the JSON Web Token standard and contain information about an entity in the form of claims. They are self-contained in that it is not necessary for the recipient to call a server to validate the token. Access Tokens issued for the Auth0 Management API and Access Tokens issued for any custom API that you have registere…
So you know, the sign in as user feature (user impersonation) is deprecated and no longer supported by Auth0. It exists on your tenant as a legacy feature and we recommend moving away from it.
Hope this helps!
Thanks,
Dan
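To see the difference the answer above describes, this added example (not part of the original thread and not Auth0 code) parses a callback URL fragment and reports whether the access token is structurally a JWT or opaque, and whether an id_token came back. The function names and all token values are constructed for illustration; the check is structural only and does not verify signatures.

```javascript
// Added example: classify the tokens in an implicit-flow callback URL fragment.
// Structural check only; it does NOT verify signatures or validate claims.

function decodeSegment(seg) {
  // base64url -> base64, restore padding, then parse the result as JSON
  const b64 = seg.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  return JSON.parse(atob(padded));
}

function looksLikeJwt(token) {
  const parts = token.split(".");
  if (parts.length !== 3) return false; // a JWS has header.payload.signature
  try {
    const header = decodeSegment(parts[0]);
    decodeSegment(parts[1]); // payload must also be JSON
    return typeof header.alg === "string";
  } catch (e) {
    return false; // segments are not base64url-encoded JSON: treat as opaque
  }
}

function inspectCallback(callbackUrl) {
  // Implicit-flow responses arrive in the fragment, not the query string
  const params = new URLSearchParams(new URL(callbackUrl).hash.slice(1));
  const accessToken = params.get("access_token");
  return {
    accessTokenFormat: !accessToken ? "missing" : looksLikeJwt(accessToken) ? "jwt" : "opaque",
    hasIdToken: params.has("id_token"),
    scopes: (params.get("scope") || "").split(" ").filter(Boolean),
  };
}

// Constructed sample values (not real tokens).
const b64url = (obj) =>
  btoa(JSON.stringify(obj)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const fakeJwt = [b64url({ alg: "RS256", typ: "JWT" }),
  b64url({ aud: "https://api.example.test" }), "c2lnbmF0dXJl"].join(".");
const base = "http://localhost:8080/auth/signed-in#";
const OPAQUE_CALLBACK = base +
  "access_token=kTp3xQ9vLm2RfZ8a&scope=openid&expires_in=7200&token_type=Bearer";
const JWT_CALLBACK = base + "access_token=" + fakeJwt + "&id_token=" + fakeJwt +
  "&scope=openid%20profile%20email&token_type=Bearer";

console.log(inspectCallback(OPAQUE_CALLBACK));
console.log(inspectCallback(JWT_CALLBACK));
```

A "jwt" result here only means the token can be decoded; an API receiving it must still verify the signature, issuer and audience before trusting it.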
Closed
October 18, 2019, 1:06am