Is this knowledge article still valid?
I’ve reproduced the Postman collection locally and I’m able to successfully invoke all steps, but the acces_token value returned when calling POST /oauth/token is present, but its not a valid JWT?
Thank you for reaching out!
The usual cause for receiving an invalid JWT ( opaque token ) is that the audience parameter was not specified, or not done so correctly. You will need to pass the audience parameter in the token request, specifying the recipient, which should then return the Access Token in JWT format. Documentation for reference :
With regards to the Knowledge Article still being up to date, short answer should be yes, but to be safe, we will follow it from scratch and see if we happen to encounter any issues which might need to get addressed. If something comes up, we will update the Knowledge Article as soon as possible. Thank you for checking in with us on the matter!
Hope this helped!
Gerald
@gerald.czifra thanks for the quick reply!
Do you know if using an authorization_code grant type will influence the value associated with the audience parameter? I updated my request to pass the audience value found in our Auth0 management portal, and though I do get a token value back, it is still opaque and not a JWT.
I wanted to update this post in case anyone stumbles upon it. I was able to resolve this issue and get the collection from the original article to work by appending the Audience to the /authorize GET request. My authorize GET request now looks like this:
https://{{auth0_domain}}/authorize?response_type=code&client_id={{auth0_client_id}}&audience={{auth0_audience}}&redirect_uri={{redirect_uri}}
After adding the audience request parameter I now get back valid JWT.
@gerald.czifra you were correct in your assessment, I just didn’t know where to add the audience in the original collection. If you’re able, I’d recommend updating the request in that article.
Thanks for your assistance!
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.