I am having a SwiftUI app which uses the authentication to a Native App in auth0, which works fine. Now I want to call an API, also protected by auth0 and the audience would be different. How could I retrieve an accessToken for the new audience given the fact, that I already have one from the App login. A similar topic was discussed here, but never answered SwiftUI with Auth0 login app calling another API also protected by Auth0
Hello @mbbrehm welcome to the community!
Are you using Auth0.swift or another SDK?
Yes, using Auth0.swift SDK… right now using AWS API Gateway fronting the API’s with a customer authorizer validating the JWT token and I am getting an error about “invalid audience”. Maybe I should just change the audience I am checking to the Native application audience.
Thanks for confirming!
Is the API you’re calling already registered in Auth0? If so, that’s the audience
you’ll want to use when configuring Auth0.webAuth()
In the auth0 configuration I followed the tutorials for setting up a login to my Native iOS app and for this I have created an native application under Applications > Applications (this has a clientID) and this where I get my token for, when signing into my iOS app. Further I got a customer API configured under Applications > APIs, which has the audience of my API Gateway URL, following the tutorial there. Now I don’t want to have a second authentication done to call this API, but just use the token given through the initial user login.
Hey there @mbbrehm sorry for the delay here.
If the access token you received has the audience of your API, then that is the token you will want to use against it. Depending on your API there are many libraries you can use that verify access tokens:
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.