/userinfo API returns 401 Unauthorized

JWT.io
,
1

I’m trying to retrieve user’s profile based on the Auth0 Access Token obtained during login.

I use the endpoint GET /userinfo

I successfully retrieve the Access Token using this function

const getUserMetadata = async () => {
        //const domain = "domain.us.auth0.com"
        const accessToken = await getAccessTokenSilently({
            authorizationParams: {
              audience: 'https://domain.us.auth0.com/userinfo', // Value in Identifier field for the API being called.
              scope: 'openid', // Scope that exists for the API being called. You can create these through the Auth0 Management API or through the Auth0 Dashboard in the Permissions view of your API.
            }
          });
        const tokenId = await getIdTokenClaims()
        const response = {
            access: accessToken,
            id: tokenId
        }
        return response
    }

I then make a get request to the API

get https://domain.us.auth0.com/userinfo
Authorization: "Bearer token"

I receive 401 Unauthorized

The token is created upon login with the default ‘Auth0 Management API’

It doesn’t work either when i use for audience

.us.auth0.com/api/v2/

or when I use for scope

read:openid

No solutions found anywhere on the internet, and in the documentation.
How what should I do to make it works ?

Thank you

3

Hi there @Ilanoh welcome to the community!

What exactly do you mean by this?

Do you mind sharing an example of an access token you’re attempting to use against /userinfo? Please redact any sensitive information.

Thanks!

4

This is the API for login

Screenshot 2023-04-23 at 12.06.52
Screenshot 2023-04-23 at 12.06.522048×216 36.1 KB

The access token is a jwt that I receive from getAccessTokenSilently, I place it in the get request Authorization header, but it doesn’t work.

1 Like
5

Thanks for getting back to me!

Do you mind decoding an example access token at jwt.io and sharing a screenshot here? Please redact any information that you don’t want share.

Thanks!

6

yes sure please find the screenshot here

Screenshot 2023-04-25 at 12.06.00
Screenshot 2023-04-25 at 12.06.001146×1128 79.8 KB

Screenshot 2023-04-25 at 12.06.17
Screenshot 2023-04-25 at 12.06.171156×870 42.1 KB

What do you think is the issue?

Thanks

7

Hi there, sorry for the delayed response here - Were you ever able to get this sorted?

The access token you shared looks good to me , assuming its not expired. If you get a new access token and use the shell script here to hit /userinfo, do you still get a 401?

Let us know either way!

8

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.