Web Api Authentication with Auth0

Hi

I have created a .net core web api and trying to secure it with Auth0.

My webapi has a domain name that redirects to an IP address on windows server hosted on Amazon.

I configured the API on Auth0 with the domain name that I have . the web api is secure now. the web api also has permission set up as well . Now I am trying to get the authorization token , I get the authorization token using code sample by Auth0.

When I pass the Autorization token in header as "Bearer Authorization " token , I get error Unauthorized Audience is not valid as below

www-authenticate: Bearer error="invalid_token"error_description=“The audience 'api domain ’ is invalid”

I dont know how to pass permission i.e “read:message” to the api call.

thanks
Rohit

HI @RohitSingh,

Welcome to the Auth0 Community!

I understand that you’ve been encountering errors when requesting access to your API.

First, to pass the corresponding read:message permission to the API, you’ll need to pass read:message in the scope parameter.

Then, make sure that this permission is defined in the audience used in that authorization flow.

Please let me know if you have any further questions. I’d be happy to help.

Thank you.