Using auth0 with Google Cloud Endpoints - JWT validation failed

I’m trying to get the Google Cloud Endpoints bookstore gRPC sample working with an auth0 authentication provider.

The only change that I’ve made to the api_config.yaml in the guide is to add the authentication stanza (apart from updating the service name of course).

  - id: auth0_jwk
    jwks_uri: ""
  - selector: "*"
      - provider_id: auth0_jwk

I’ve acquired a bearer token from auth0 using the http interface:

curl --request POST \
  --url \
  --header 'content-type: application/json' \
  --data '{"client_id":"...","client_secret":"...","audience":"","grant_type":"client_credentials"}'

which I’ve provided as an argument to the client script

python --host --port 80 --auth_token $token

However, I only ever receive the following error when I try to call a protected api method:

grpc._channel._Rendezvous: <_Rendezvous of RPC that terminated with (StatusCode.UNAUTHENTICATED, JWT validation failed: Missing or invalid credentials)>

When I decode the auth token using I see the following payload:

  "iss": "",
  "sub": "52KrE3Xvkfdsfsfsdfsdfsfdssl6HaQAOajO@clients",
  "aud": "",
  "exp": 1496173209,
  "iat": 1496086809,
  "scope": ""

However, I also get an Invalid Signature warning, even when putting the jwks x5c certificate chain in the RS256 certificate field.

Can anyone shed some light on what I’m doing wrong?

Thanks, Mark

Well, about the invalid signature error - apparently the ----BEGIN/END CERTIFICATE— lines are necessary for the JWT to validate. After adding that validates the JWT correctly.

Still failing to authenticate with the endpoint though…