I have nextjs as my client and expressjs as my backend. I am trying to get the accessToken in my nextjs app with the code below (by specifying the audience):
```js
//app/fetchToken
import { NextResponse } from "next/server";
import { getAccessToken, withApiAuthRequired } from "@auth0/nextjs-auth0";

const GET = withApiAuthRequired(async function GET(req) {
  const res = new NextResponse();
  const { accessToken } = await getAccessToken(req, res, {
    authorizationParams: {
      audience: process.env.AUTH0_AUDIENCE,
      scope: 'openid profile email',
    }
  });
  console.log(accessToken);
  return NextResponse.json({ accessToken: accessToken }, res);
});

export { GET };
```
The problem is that the accessToken I get is an opaque token, but I need the actual access token. Only then can my server validate it; currently my server can't validate this opaque token.
Also, when I use jwt.io to see the contents of this opaque token, it tells me the opaque token does not have a valid signature.
Thanks for sharing the details - Are you able to inspect the /authorize request in the network tab of your browser's developer tools to see if the audience param is indeed being passed? I suspect it's being excluded one way or another.
Thanks for checking! That's super odd. Nothing in your code sticks out to me immediately - Have you tested using the same config values in the Sample app? If not, I recommend doing so and comparing results:
Any updates on this? I have the same issue: getting an opaque token instead of a jwt token, but passing the correct audience param in authorizationParams. It looks like the client is not properly handling the audience param passed to the constructor.
I am facing this same issue. I am using nextjs-auth0 library and when I use auth0.getAccessToken() (after already authenticating) I get a jwt with no payload or Opaque. Any way to solve this?
Welcome to the Auth0 Community and I am sorry about the late reply to your inquiry!
For anyone who may be looking for a solution to this issue, I would recommend reviewing this community post regarding receiving an opaque access token:
In general, an opaque access token is returned because the right audience or scope was not passed in as parameters, the application was not registered with the Management API or the right grants are not enabled for your application.
Usually, if you are using a custom API, you will need to register it within your Auth0 Dashboard and then create an M2M application in order for your API to communicate with Auth0's Management API.
You can also review our documentation about Access Tokens.
Hopefully, the provided information above is useful in resolving the issues you might encounter with opaque access tokens!
If you have any other questions, feel free to leave a reply or to post again on the community!
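A small diagnostic for the two checks discussed in this thread, added here as an example and not code from any poster or from Auth0: it reports whether a captured /authorize URL carries the `audience` parameter, and classifies a token by shape (signed JWT, encrypted compact token, or opaque) with an `aud` comparison. Function names and sample values are constructed for illustration, and the code inspects structure only; it does not verify signatures.

```javascript
// Added example: all names and sample values below are hypothetical/constructed.

// Decode one base64url segment into a JSON object, or return null.
function decodeSegment(seg) {
  try {
    const obj = JSON.parse(Buffer.from(seg, "base64url").toString("utf8"));
    return obj !== null && typeof obj === "object" ? obj : null;
  } catch {
    return null;
  }
}

// Classify an access token by shape only. No signature verification happens here.
function classifyAccessToken(token, expectedAudience) {
  const parts = String(token).split(".");
  const header = decodeSegment(parts[0]);
  if (parts.length === 5 && header) {
    // JWE compact serialization: an API cannot validate this as a signed JWT.
    return { kind: "jwe", audienceOk: false, aud: [] };
  }
  const payload = parts.length === 3 && header ? decodeSegment(parts[1]) : null;
  if (!payload) {
    return { kind: "opaque", audienceOk: false, aud: [] };
  }
  const aud = [].concat(payload.aud ?? []); // aud may be a string or an array
  return { kind: "jwt", audienceOk: aud.includes(expectedAudience), aud };
}

// True when the captured /authorize request carries the expected audience.
function authorizeHasAudience(authorizeUrl, expectedAudience) {
  return new URL(authorizeUrl).searchParams.get("audience") === expectedAudience;
}

// Constructed samples (not real tokens).
const b64 = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
const API = "https://api.example.com";
const SAMPLE_JWT = [
  b64({ alg: "RS256", typ: "JWT" }),
  b64({ iss: "https://tenant.example/", aud: [API], scope: "openid profile email" }),
  "c2lnbmF0dXJl",
].join(".");
const SAMPLE_JWE = b64({ alg: "dir", enc: "A256GCM" }) + "..aXY.Y3Q.dGFn";
const SAMPLE_OPAQUE = "Zk9wYXF1ZVRva2VuQ29uc3RydWN0ZWQ";

for (const t of [SAMPLE_JWT, SAMPLE_JWE, SAMPLE_OPAQUE]) {
  console.log(classifyAccessToken(t, API));
}
```

A token classified as `jwt` with `audienceOk: true` still has to pass signature, issuer and expiry validation in the API before it is trusted.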