[SPA + API] Can NOT Get Audience Correct

Goal: Have SPA + API Work.

I have followed the tutorial to create one API and one Application. I have tried many methods to get the JWT, so that I can make API calls from client JavaScript.
The problem is that no matter how I set audience in my Auth0.WebAuth parameters, or in a direct HTTP call, the return value for audience is always the same ClientID.

Here is the link I tried to make a request to get authorized for the id_token.

[Edited for tenant privacy]

I must have missed something, but after over 12 hours of work, I have run out of woods.
Please help. Thank you.

Regards.

Here is the access_token I got from the request.

[edit for privacy]

Hello! The issue that I am seeing is that you are not requesting an access token, you’re requesting only an ID token. By specification definition, the audience of an ID token will always be the client ID. In order to request an access token for API authorization, you can format your WebAuth instance like so:

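new auth0.WebAuth({
  clientID: YOUR_CLIENT_ID,
  domain: YOUR_DOMAIN,
  // 'token' requests an access token, 'id_token' requests the ID token
  responseType: 'token id_token',
  // Identifier of the API the access token is requested for
  audience: 'YOUR_AUTH0_API_IDENTIFIER',
  // ...[etc]
});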

Requesting token id_token as the responseType will ensure that you receive an access token with the appropriate audience for your API in addition to the ID token. The WebAuth instance’s audience should match the identifier for the API that you set up at https://manage.auth0.com/#/apis

I hope this helps! Please let us know if you have any further questions or run into issues.

3 Likes
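
Added example, not part of the original posts or of Auth0's own code: a Node.js diagnostic that decodes a token's `aud` claim to tell whether it is an ID token (audience is the client ID) or an access token issued for the API. The function names, placeholder values and unsigned sample tokens are constructed for illustration; the helper does not verify signatures, which an API must still do before trusting any claim.

```javascript
// Constructed placeholders, not real tenant values.
const CLIENT_ID = 'YOUR_CLIENT_ID';
const API_IDENTIFIER = 'YOUR_AUTH0_API_IDENTIFIER';

// Decode the payload of a JWT WITHOUT verifying its signature (diagnostic only).
// Returns null for an opaque or malformed token.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  try {
    return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  } catch (err) {
    return null;
  }
}

// Classify a token by its audience. `aud` may be a string or an array (RFC 7519).
function classifyToken(token, clientId, apiIdentifier) {
  const payload = decodeJwtPayload(token);
  if (payload === null) return 'not-a-jwt';
  const aud = payload.aud === undefined ? [] : [].concat(payload.aud);
  if (aud.includes(apiIdentifier)) return 'access-token-for-api';
  if (aud.includes(clientId)) return 'id-token';
  return 'unknown-audience';
}

// Build an unsigned sample token (constructed input for the demo).
function makeSampleToken(payload) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(payload)}.constructed-signature`;
}

// What the original poster kept receiving: audience equals the client ID.
const idToken = makeSampleToken({ iss: 'https://YOUR_DOMAIN/', aud: CLIENT_ID });
// What responseType 'token id_token' plus `audience` is meant to yield.
const accessToken = makeSampleToken({
  iss: 'https://YOUR_DOMAIN/',
  aud: [API_IDENTIFIER, 'https://YOUR_DOMAIN/userinfo'],
});

console.log(classifyToken(idToken, CLIENT_ID, API_IDENTIFIER));
console.log(classifyToken(accessToken, CLIENT_ID, API_IDENTIFIER));
```

On the API side the same audience comparison belongs after signature and issuer validation, so that an ID token presented as a bearer token is rejected.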

Thank you for the reply. This really helped me out.

1 Like
