Still get RS256 token

I changed default token algorithm to HS256 but when I decode access token, alg in token is still RS256.

How can I get access token with HS256?

What I did was Dashboard > Applications > Advanced Settings > OAuth > disabled OIDC Conformant and changed JSON Web Token (JWT) Signature Algorithm

Hello,

I have a question about accesstoken that my application get after verified by auth0.

I changed the default RS256 algorithm to HS256. But I still got RS256.

Does anyone know why?

Hi @hyun.park,

I merged the two topics you made as they were duplicates.

It should be as easy as changing the toggle to get a token of either algo.

One thing I’m thinking: are you trying to do this in a native app or SPA? You should not be using symmetric signing algos in a client-side application (SPA or native app).

Can you post an example of the token you are receiving? Please omit any sensitive data.

Can you please DM me your tenant name and application name or client id?

2 Likes