Web Api Authentication with Auth0


I have created a .net core web api and trying to secure it with Auth0.

My webapi has a domain name that redirects to an IP address on windows server hosted on Amazon.

I configured the API on Auth0 with the domain name that I have . the web api is secure now. the web api also has permission set up as well . Now I am trying to get the authorization token , I get the authorization token using code sample by Auth0.

When I pass the Autorization token in header as "Bearer Authorization " token , I get error Unauthorized Audience is not valid as below

www-authenticate: Bearer error="invalid_token"error_description=“The audience 'api domain ’ is invalid”

I dont know how to pass permission i.e “read:message” to the api call.


HI @RohitSingh,

Welcome to the Auth0 Community!

I understand that you’ve been encountering errors when requesting access to your API.

First, to pass the corresponding read:message permission to the API, you’ll need to pass read:message in the scope parameter.

Then, make sure that this permission is defined in the audience used in that authorization flow.

Please let me know if you have any further questions. I’d be happy to help.

Thank you.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.