Found the problem. The Authority property was set incorrectly.
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
options.Authority = "Auth0 domain"; // this was in correct
options.Audience = ....
});
Copied code from two different samples and mixed up the key for the authority.
Bad error message.