The getAccessToken in Nextjs returns opaque token instead of access token even after specifying the audience

I m having nextjs as my client and expressjs my backend, I am trying to get the accessToken in my nextjs app with the below code ( by specifying the audience )

//app/fetchToken
import { NextResponse } from “next/server”;
import { getAccessToken, withApiAuthRequired } from “@auth0/nextjs-auth0”;

const GET = withApiAuthRequired(async function GET(req) {
const res = new NextResponse();
const { accessToken } = await getAccessToken(req, res, {
authorizationParams:{
audience:process.env.AUTH0_AUDIENCE,
scope: ‘openid profile email’,
}
});
console.log(accessToken);
return NextResponse.json({ accessToken: accessToken }, res);
});

export { GET };

The peoblem is the accessToken I get is an opaque token, but I need the actual access Token, Only then my server can validate it, Currently my server can’t validate this opaque token.

Also when I jwt.io to see the contents of this opaque token, it tells the opaque token is not in a valid signature.


image

Hey there @vishnukumart96 welcome to the community!

Thanks for sharing the details - Are you able to inspect the request /authorize request in the network tab of your browser’s developer tools to see if the audience param is indeed being passed? I suspect it’s being excluded one way or another.

Let us know!

Can see that the audience is indeed being passed

image

1 Like

Thanks for checking! That’s super odd :thinking: Nothing in your code stick out to me immediately - Have you tested using the same config values in the Sample app? If not, I recommend doing so and comparing results:

I have tested using the sample app and the case remains the same