Valid JWT using curl, not when using node.js

I’m trying to get a valid JWT from a node.js application. I can make it work using cURL:

curl th0.com/oauth/token   --header 'content-type: application/json'   --data '{"client_id":<client_id>,"client_secret":<client-secret>,"audience":<audience>,"grant_type":"client_credentials"}'

The resulting JWT is valid using jwt.io, and I can use it when I set it in the auth0 user mgmt APIv2.

When I do the same thing using node.js, I get a valid (and very similar as using cURL) token, but I get an 401 Unauthorized when I try to use it:

let auth0Response =
                await fetch(`https://${process.env.AUTH0_DOMAIN}/oauth/token`,
                            {method: 'POST',
                             headers: {'content-type': 'application/json'},
                             body: JSON.stringify({"client_id":`${process.env.AUTH0_CLIENT_ID}`,
                                                   "client_secret":`${process.env.AUTH0_CLIENT_SECRET}`,
                                                   "audience":`https://${process.env.AUTH0_DOMAIN}/api/v2/`,
                                                   "grant_type":"client_credentials"})
                            })
                .then(response => response.json())
            console.log('token: ' + JSON.stringify(auth0Response))

This returns a valid JWT (jwt.io) with the right claims (the same ones as using cURL). However, I can’t seem to use this JWT to do any requests, nor programmatically, nor using the auth0 management APIv2 page.

I have no idea how to debug this, since the JWT is valid according to jwt.io (with the same claims as a working JWT), but apparently isn’t according to auth0.

What am I overlooking?

1 Like

Hi Kurt,

Do you see any errors in Dashboard Logs when using Node.js generated access_token by any chance?

Regards,
Amin

No, but it seems to be solved now.