I have created a .net core web api and trying to secure it with Auth0.
My webapi has a domain name that redirects to an IP address on windows server hosted on Amazon.
I configured the API on Auth0 with the domain name that I have . the web api is secure now. the web api also has permission set up as well . Now I am trying to get the authorization token , I get the authorization token using code sample by Auth0.
When I pass the Autorization token in header as "Bearer Authorization " token , I get error Unauthorized Audience is not valid as below
www-authenticate: Bearer error="invalid_token"error_description=“The audience 'api domain ’ is invalid”
I dont know how to pass permission i.e “read:message” to the api call.