I went through the Django API authorization tutorial, and everything works except when I have to use my token to assess my endpoint I receive a Unauthorized response. When I don’t use a token I get the expected response of needing a token.
@popare were you following this tutorial here Django API: Authorization? And you getting a 401 error?
How are you testing the token? Are you calling the API from an SPA, Machine-to-Machine application, etc? Can you share a bit more details about how you are getting the token and using it?
https://auth0.com/docs/quickstart/backend/django/02-using#obtaining-an-access-token
Hey @kimcodes, I followed the Quickstarts guide to Using your API, but I always get Unauthorized to my endpoint.
I ran the following curl commands after setting up a Machine-to-Machine app
curl --request POST
–url ‘https://dev-teammgr.auth0.com/oauth/token’
–header ‘content-type: application/x-www-form-urlencoded’
–data ‘grant_type=client_credentials&client_id=%24%7Baccount.clientId%7D&client_secret=YOUR_CLIENT_SECRET&audience=YOUR_API_IDENTIFIER’
curl --request GET
–url http://localhost:3010/api/private
–header ‘authorization: Bearer YOUR_ACCESS_TOKEN’
Figured out the issue. It had to do with the JWT_ISSUER param in settings.py. When I decoded the token at https://jwt.io. The issuer had the entire url vs the guide just had part of it. I updated to include the entire url and it worked perfectly.
2 Likes
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.