The getAccessToken in Nextjs returns opaque token instead of access token even after specifying the audience

I m having nextjs as my client and expressjs my backend, I am trying to get the accessToken in my nextjs app with the below code ( by specifying the audience )

//app/fetchToken
import { NextResponse } from “next/server”;
import { getAccessToken, withApiAuthRequired } from “@auth0/nextjs-auth0”;

const GET = withApiAuthRequired(async function GET(req) {
const res = new NextResponse();
const { accessToken } = await getAccessToken(req, res, {
authorizationParams:{
audience:process.env.AUTH0_AUDIENCE,
scope: ‘openid profile email’,
}
});
console.log(accessToken);
return NextResponse.json({ accessToken: accessToken }, res);
});

export { GET };

The peoblem is the accessToken I get is an opaque token, but I need the actual access Token, Only then my server can validate it, Currently my server can’t validate this opaque token.

Also when I jwt.io to see the contents of this opaque token, it tells the opaque token is not in a valid signature.

image594×547 56.6 KB

Hey there @vishnukumart96 welcome to the community!

Thanks for sharing the details - Are you able to inspect the request /authorize request in the network tab of your browser’s developer tools to see if the audience param is indeed being passed? I suspect it’s being excluded one way or another.

Let us know!

Can see that the audience is indeed being passed

Thanks for checking! That’s super odd Nothing in your code stick out to me immediately - Have you tested using the same config values in the Sample app? If not, I recommend doing so and comparing results:

I have tested using the sample app and the case remains the same

This still issue still persists and can’t find any solutions, any help on this would be much appreciated