Heady
April 11, 2025, 8:03am
1
Hello,
Even with setting both the audience to a valid API, I’m still getting an opaque token instead of a valid JWT:
auth0Client = await auth0.createAuth0Client({
domain:"mycompany.eu.auth0.com",
clientId: "******",
audience: "https://vault.mycompany.com",
scope: "openid profile email"
});
async function getToken() {
const token = await auth0Client.getTokenSilently({
scope: "openid profile email" // optional, include what you need
}); // Get the JWT token silently without redirect
console.log('JWT Token:', token); // Log the token for debugging
return token;
}
I also tried to remove the add the audience in getTokenSliently, as well as removing all the parameters but I always get an in valid JWT token
Heady
April 11, 2025, 8:09am
2
After reading this field: getting-opaque-token-instead-of-jwt-token-audience-added/129715, it seems that the audience is NOT present in the authorize request:
/authorize?client_id=**&scope=openid profile email&prompt=none&response_type=code&response_mode=web_message&state=c2hTWXRRZmI0c0tpNlpLU1JSTlJtUn41QTZWV2EwLmJ1VWJtLkcyRUxWcQ==&nonce=NnJGdGM2UHVJN2xNbmJRclFXVFJYcjA0c3g2dkJUcWNfZ3Y3WW05MjhtTw==&redirect_uri=http://localhost:3000&code_challenge=0KIblbiic-f3JikbLL9zkwKNcJZIzfAu87psSlbBZPA&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC44In0=
Heady
April 11, 2025, 8:27am
3
Ok i finally found the issue: audience and scope have to be set inside authorizationParams:
auth0Client = await auth0.createAuth0Client({
domain:"mycompany.eu.auth0.com",
clientId: "******",
authorizationParams: {
audience: "https://vault.mycompany.com",
scope: "openid profile email",
}
});
Hi @Heady !
Welcome to the Auth0 Community!
Thank you for posting your question and the solution that you found with the rest of the community!
Thanks!
system
April 25, 2025, 9:39am
5
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.