Validating Auth0 Token - Spring Security

I am validating auth0 token in spring boot app with the help of this official doc

While running the app, it is throwing below exception

2021-11-03 19:12:09.669  WARN 18128 --- [           main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtDecoder' defined in class path resource [com/talenlio/common/security/SecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.jwt.JwtDecoder]: Factory method 'jwtDecoder' threw exception; nested exception is java.lang.IllegalArgumentException: Unable to resolve the Configuration with the provided Issuer of "https://dummy/api"

Here is my application.yml file

spring:
 security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: https://my-domain-at.auth0.com/

auth0:
  grantType: client_credentials
  audience: https://dummy/api
  clientId: XXXXXXXXX
  clientSecret: YYYYY
  applicationDomain: https://my-domain-at.auth0.com/

What things I need to take care for this?

Hi @nikhil.jaunjal.

Thanks for reaching out to the Auth0 Community!

After looking at your stack trace, it appears that your app cannot resolve the audience you provided, specifically:

nested exception is java.lang.IllegalArgumentException: Unable to resolve the Configuration with the provided Issuer of "https://dummy/api"

In this scenario, I recommend that you double-check that you configured your Auth0 API correctly, and used the corresponding audience in your access token. It seems that the audience cannot be validated.

Please let me know how this works for you.

Thank you.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.