Auth0 for auth REST API as a data source

I’ve been having a hard time getting Auth0 to work as an authentication mechanism for a backend REST API.

My misunderstanding might be primarily due to minimal knowledge about JWTs, but I think there may be some WeWeb-specific topics in here as well.

I’ve gone through the process in the link above, ensured both my Application (WeWeb) and backend are using the RS256 alg, and yet I keep getting the error:

InvalidTokenError: Invalid Compact JWS

When I take the authToken to JSON Web Tokens - jwt.io, I get an error saying “invalid signature”.

I also noticed that the token in WeWeb doesn’t have a payload (I’m not sure if this is related to the issue above).

Anybody encountered similar issues?

Update with a semi-solution and some information if anyone runs into the same problem!

The access token you get in WeWeb is actually an opaque token (not JWT format). Access Tokens.

The more appropriate guide for setting this up is found here:

1 Like

Hey Peter, try enabling the audience parameter in the WeWeb Auth0 settings, which should be the Identifier variable from the Auth0 API settings. Then you might get a JWT instead of an opaque token.

I was facing the same issue for a while :stuck_out_tongue:

1 Like
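The opaque-versus-JWT distinction discussed in this thread can be checked locally before the token reaches the backend. The following is an added example, not code from the posts, WeWeb or Auth0: `classifyToken`, the audience URL and the sample tokens are constructed for illustration, and the check inspects structure only without verifying any signature.

```javascript
// Added diagnostic example: is this bearer token a compact JWS (JWT) or not?
// Structure check only. It does NOT verify the signature.

function b64urlJson(segment) {
  // A JWS segment uses the base64url alphabet without padding.
  if (!/^[A-Za-z0-9_-]+$/.test(segment)) return null;
  try {
    const obj = JSON.parse(Buffer.from(segment, "base64url").toString("utf8"));
    return obj && typeof obj === "object" && !Array.isArray(obj) ? obj : null;
  } catch {
    return null; // decoded bytes were not JSON
  }
}

function classifyToken(token, expectedAudience) {
  const parts = String(token).trim().split(".");
  // Compact JWS is exactly header.payload.signature
  if (parts.length !== 3) {
    return { kind: "not-compact-jws", reason: `got ${parts.length} segment(s), need 3` };
  }
  const header = b64urlJson(parts[0]);
  if (!header || typeof header.alg !== "string") {
    return { kind: "not-compact-jws", reason: "first segment is not a JSON header with alg" };
  }
  if (parts[1] === "") {
    return { kind: "jws-empty-payload", alg: header.alg };
  }
  const claims = b64urlJson(parts[1]);
  if (!claims) return { kind: "jws-non-json-payload", alg: header.alg };
  // "aud" may be a single string or an array of strings.
  const aud = [].concat(claims.aud ?? []);
  return { kind: "jwt", alg: header.alg, audienceMatches: aud.includes(expectedAudience) };
}

// Constructed sample tokens (placeholder signature, hypothetical audience).
const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
const SAMPLE_AUDIENCE = "https://api.example.test";
const SAMPLE_HEADER = enc({ alg: "RS256", typ: "JWT" });
const SAMPLE_JWT = `${SAMPLE_HEADER}.${enc({ aud: SAMPLE_AUDIENCE, sub: "constructed" })}.c2ln`;
const SAMPLE_OPAQUE = "Zx3kConstructedOpaqueValue";
const SAMPLE_EMPTY_PAYLOAD = `${SAMPLE_HEADER}..c2ln`;

console.log(classifyToken(SAMPLE_JWT, SAMPLE_AUDIENCE));
console.log(classifyToken(SAMPLE_OPAQUE, SAMPLE_AUDIENCE));
console.log(classifyToken(SAMPLE_EMPTY_PAYLOAD, SAMPLE_AUDIENCE));
```

A result of `jwt` with `audienceMatches: true` only means the token has the right shape for the API; the backend must still verify the signature and claims.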