/userinfo API returns 401 Unauthorized

Ilanoh · April 20, 2023, 2:01pm

I’m trying to retrieve user’s profile based on the Auth0 Access Token obtained during login.

I use the endpoint GET /userinfo

I successfully retrieve the Access Token using this function

const getUserMetadata = async () => {
        //const domain = "domain.us.auth0.com"
        const accessToken = await getAccessTokenSilently({
            authorizationParams: {
              audience: 'https://domain.us.auth0.com/userinfo', // Value in Identifier field for the API being called.
              scope: 'openid', // Scope that exists for the API being called. You can create these through the Auth0 Management API or through the Auth0 Dashboard in the Permissions view of your API.
            }
          });
        const tokenId = await getIdTokenClaims()
        const response = {
            access: accessToken,
            id: tokenId
        }
        return response
    }

I then make a get request to the API

get https://domain.us.auth0.com/userinfo
Authorization: "Bearer token"

I receive 401 Unauthorized

The token is created upon login with the default ‘Auth0 Management API’

It doesn’t work either when i use for audience

.us.auth0.com/api/v2/

or when I use for scope

read:openid

No solutions found anywhere on the internet, and in the documentation.
How what should I do to make it works ?

Thank you

tyf · April 20, 2023, 10:26pm

Hi there @Ilanoh welcome to the community!

What exactly do you mean by this?

Do you mind sharing an example of an access token you’re attempting to use against /userinfo? Please redact any sensitive information.

Thanks!

Ilanoh · April 23, 2023, 9:11am

This is the API for login

The access token is a jwt that I receive from getAccessTokenSilently, I place it in the get request Authorization header, but it doesn’t work.

tyf · April 25, 2023, 12:20am

Thanks for getting back to me!

Do you mind decoding an example access token at jwt.io and sharing a screenshot here? Please redact any information that you don’t want share.

Thanks!

Ilanoh · April 25, 2023, 9:10am

yes sure please find the screenshot here

What do you think is the issue?

Thanks

tyf · May 12, 2023, 12:06am

Hi there, sorry for the delayed response here - Were you ever able to get this sorted?

The access token you shared looks good to me , assuming its not expired. If you get a new access token and use the shell script here to hit /userinfo, do you still get a 401?

Let us know either way!

tyf · May 27, 2023, 12:07am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Get user info returns invalid credentials Help api-authorization , invalid-credentials , user-info , invalid , get-user-info-using-	2	10106	July 25, 2019
When call /userinfo API returns Unauthorized Help login-experience , new-universal-login-experience	3	2453	February 9, 2023
Isue with auth0-java calling the userinfo endpoint Help auth0-java	2	5117	March 2, 2018
How to request access token from authentication/management API Help jwt , nodejs , access-token , node-auth0	5	6913	September 5, 2019
How to have and what to do with /userinfo result Help login	2	3394	December 17, 2018

/userinfo API returns 401 Unauthorized

Related Topics