Still getting an opaque token with audience and scope

Hello,

Even with setting both the audience to a valid API, I’m still getting an opaque token instead of a valid JWT:

auth0Client = await auth0.createAuth0Client({
        domain:"mycompany.eu.auth0.com",
        clientId: "******",
        audience: "https://vault.mycompany.com",
        scope: "openid profile email"
    });

async function getToken() {
    const token = await auth0Client.getTokenSilently({
        scope: "openid profile email" // optional, include what you need
    }); // Get the JWT token silently without redirect
    console.log('JWT Token:', token); // Log the token for debugging
    return token;
}

I also tried to remove the add the audience in getTokenSliently, as well as removing all the parameters but I always get an in valid JWT token

After reading this field: getting-opaque-token-instead-of-jwt-token-audience-added/129715, it seems that the audience is NOT present in the authorize request:

/authorize?client_id=**&scope=openid profile email&prompt=none&response_type=code&response_mode=web_message&state=c2hTWXRRZmI0c0tpNlpLU1JSTlJtUn41QTZWV2EwLmJ1VWJtLkcyRUxWcQ==&nonce=NnJGdGM2UHVJN2xNbmJRclFXVFJYcjA0c3g2dkJUcWNfZ3Y3WW05MjhtTw==&redirect_uri=http://localhost:3000&code_challenge=0KIblbiic-f3JikbLL9zkwKNcJZIzfAu87psSlbBZPA&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC44In0=

Ok i finally found the issue: audience and scope have to be set inside authorizationParams:

auth0Client = await auth0.createAuth0Client({
        domain:"mycompany.eu.auth0.com",
        clientId: "******",
        authorizationParams: {
          audience: "https://vault.mycompany.com",
          scope: "openid profile email",
       }
    });

Hi @Heady!

Welcome to the Auth0 Community!

Thank you for posting your question and the solution that you found with the rest of the community!

Thanks!
Dawid

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.