Validating token with back node js + front vue 3

hello!!! I have this middleware on my back:

const { auth } = require("express-oauth2-jwt-bearer");
import { env } from "../../utils/enviroment";

export const validateAccessToken = auth({
  issuerBaseURL: `https://${env.AUTH0_DOMAIN}`,
  audience: env.AUTH0_AUDIENCE,

and I have this middleware too:

//file server.js

following this example:

and in my front(Vue js 3) I have:

  <div class="content-layout" :v-if="invalidUser">
    <h1 id="page-title" class="content__title">Warning</h1>
    <div class="content__body">
      <p id="page-description">
        <span>You are  <strong>Blocked</strong>.</span>
        <span><strong >Only authorized users can access this platform.</strong></span>
      <div class="profile-grid" >
          <button class="button__cancel" @click="goHome" style="">Go home</button>


import { checkUserLogged } from "../services/message.service";

export default {
  data() {
    return {
      user: this.$auth0.user,
      invalidUser: false
  computed: {
  methods: {
    async checkUser() { 
        const accessToken = await this.$auth0.getAccessTokenSilently();
        const user = this.user;
        const { data, error } = await checkUserLogged(accessToken, user);
        if (data) { 
          if( data.authorize ){
            this.invalidUser = true; 
            setTimeout(async () => {
              await this.$auth0.logout({
                logoutParams: {
                  returnTo: 'http://localhost:4040/',
            }, 5000);                   
        if (error) {
          this.message = JSON.stringify(error, null, 2);
        logoutParams: {
          returnTo: 'http://localhost:4040/',
  mounted() { 

I’m getting this issue:

401 Unauthorized
message:"Bad credentials"

I checked my enviroment: CLIENT_ORIGIN_URL, AUTH0_AUDIENCE, AUTH0_DOMAIN, AUTH0_CLIENT_ID and AUTH0_CLIENT_SECRET, in my back and front code, and it’s right, you can help me? what’s wrong

Hi @Gerarca,

Thanks for reaching out to the Auth0 Community!

I understand that you are trying to validate your access token and encountered the 401 Unauthorized error, specifically mentioning about having bad credentials.

Now, could you please check your Logs for the error and verify that the data passed in the request is correct (e.g client_id, audience, etc)?

The error logs should provide you details about the data your passed in your request.

And if possible, could you decode your access token and verify the payload is correct as well?

(Reference: Auth0 Node (Express) API SDK Quickstarts: Authorization)

Please let me know how this goes for you.


Hello @rueben.tiow

I was checking the monitor logs and it look like everything is ok:

I’m using this configuration, in my back(node js)

Hi @Gerarca,

Thanks for your response.

Looking at your logs, it seems like the user was able to login and exchange the authorization code for an access token.

Could you try decoding the access token on and see if the payload is correct?


Hi @rueben.tiow

I got the “iss” correct, but on “PAYOLAD: DATA” I got nothing, this is bad??

Hi @Gerarca,

It seems that the token is an opaque access token.

In this case, please check that your login request passes in the audience parameter to get a JWT access token.


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.