Trying to call protected API with React

Hello everyone,

I hope you guys having a great day/night!

I created a backend with NodeJS, express and secure it Auth0, i tested with the same token machine to machine that Auth0 provides, the routes check for authentication and authorization depending on the scopes that I assign to the API.

Now I created a React App uses Auth0 to secure my app, and I am able to get the token with getAccessTokenSilently(), however when I tried to use the token to call the API I am getting a jwt malformed error. I went into auth0 and assigned the correct permissions for the user that relates to the api. Tried to get another token, but still the same error.

I followed Auth0 React SDK Quickstarts: Call an API

I am getting Missing Refresh Token when i pass a audience that is following:

  audience: `https://${domain}/api/v2/`,

I enter here the audience from the api, same error, the domain from the api and the same error, even the url where is hosted the app locally but i am getting the same error.

Any help?

Hey there!

Thank you for raising this. I would like to cross-post it as a GitHub issue here:

as it will be the most effective way to handle that cause we will be able to work with repo maintainers directly. Once you have a link to the issue, you can share it here and we’ll ping them. Thank you!