WASM - KrakenD API

Dear community,

I have a very basic setup: a Blazor WASM web app which redirects users to Auth0. The app then calls the API gateway, which validates the access bearer token and inserts the sub into the request to the backend.

I read the documentation on how to configure KrakenD with Auth0 and wonder why this is clustered as a Machine-Machine flow. M2M licensing is quite expensive in Auth0 compared to MAU (7k MAU to 1k tokens in the free plan). Maybe I do not fully understand the terminology, but for me this is still client to server communication with validation?

Previously I had Keycloak in place and used a simple validator to check if the access token was okay. Updating the validator to Auth0 or manually checking the token on jwt.io both state that the token is invalid if I just use a SPA application for the WASM.

[JWTValidator] Unable to validate the token: square/go-jose: compact JWS format must have three parts

For the KrakenD experts:

                "extra_config": {
                    "auth/validator": {
                        "alg": "RS256",
                        "jwk_url": "https://DOMAINHERE.eu.auth0.com/.well-known/jwks.json",
                        "cache": true,
                        "operation_debug": true,
                        "propagate_claims": [
                            [
                                "sub",
                                "x-user"
                            ]
                        ]
                    }
                }
            },

Thank you for education in advance.
Stef

Hi @sonicsw,

Welcome to the Auth0 Community!

It looks like the doc mentions M2M as an option, but doesn’t require you to use M2M if you are simply trying to authenticate users and send a token to the backend. This shouldn’t require any M2M tokens, unless I am missing something (please let me know!).

As for the JWS error, it looks like you might have an opaque token.
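An added example, not part of either post and not KrakenD or Auth0 code: a Go check that classifies a bearer token by shape, which is the condition behind the `compact JWS format must have three parts` error above. It generalizes slightly by also recognizing the five-part compact JWE form; `Classify`, `TokenKind` and `seg` are hypothetical names, the sample tokens are constructed, and no signature is verified.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// TokenKind is a hypothetical label used only in this example.
type TokenKind string

const (
	KindJWS    TokenKind = "compact JWS" // header.payload.signature, checkable against a JWKS
	KindJWE    TokenKind = "compact JWE" // five parts, encrypted, not checkable against a JWKS
	KindOpaque TokenKind = "opaque"      // reference string with no JOSE structure
)

// Classify inspects a token's shape only; it does NOT verify any signature.
// For JOSE tokens it also returns the header's alg and kid.
func Classify(token string) (kind TokenKind, alg, kid string) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 && len(parts) != 5 {
		return KindOpaque, "", ""
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		return KindOpaque, "", ""
	}
	var hdr struct {
		Alg string `json:"alg"`
		Kid string `json:"kid"`
	}
	if json.Unmarshal(raw, &hdr) != nil || hdr.Alg == "" {
		return KindOpaque, "", ""
	}
	if len(parts) == 5 {
		return KindJWE, hdr.Alg, hdr.Kid
	}
	return KindJWS, hdr.Alg, hdr.Kid
}

// seg base64url-encodes a JSON segment for the constructed samples below.
func seg(s string) string { return base64.RawURLEncoding.EncodeToString([]byte(s)) }

func main() {
	jws := seg(`{"alg":"RS256","kid":"example-kid"}`) + "." + seg(`{"sub":"auth0|123"}`) + ".c2ln"
	for _, t := range []string{jws, "constructed-opaque-token-Xy12"} {
		kind, alg, kid := Classify(t)
		fmt.Printf("%-12s alg=%q kid=%q\n", kind, alg, kid)
	}
}
```

Only a token classified as a compact JWS can pass a validator configured with `alg` and `jwk_url` as in the snippet above; the other two kinds fail before any key lookup happens.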
