getAccessTokenSilently returns invalid token for 2.0 ver. Works in pre 2.0 ver.

Question

getAccessTokenSilently returns invalid token for 2.0 ver. Works in pre 2.0 ver.

Closed this issue 2 years ago · 2 comments

Describe the problem

I have a working pre 2.0 version and am successfully getting a token when using getAccessTokenSilently.

After migrating to 2.0, I've followed the migration guide and setup the auth0 instance as follows (and checked each env var):

What was the expected behavior?

I expect getAccessTokenSilently to return a valid token as it does in the pre 2.0 version, however is currently returning an invalid token according to jwt.io

I'm wondering if the audience value should be passed in a new way (since the same issue occured without the audience in the previous version). Otherwise, I'm unsure how to continue troubleshooting this.

I'm testing this on localhost with the same config as pre 2.0 version except for the added authorizationParams outlined in the migration guide.

Here is the invalid token I'm getting from getAccessTokenSilently:
eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiaXNzIjoiaHR0cHM6Ly9kZXYtYXV0aC5xdWlkLmxpLyJ9..tqrEpZGZKlZAnxLs.X-uNGxxUC6vMuf6TZAvR_riaTgY_WcQuXH31dvRcIFdwAIEYWc2ddXXGxNr32_6m5jCIkAQL4p0Qw7k6ZQybH88dlERqY5Ez0HVn33381fgCdi1dUVKW-qCMM5MCLHdc7yFec8Xf9YpWq6BJkmk6XTfvi2EEiWJAFXeMS31q5gmLyApdvtEr9WJRRSKr-ES8qcvp0t2pregPkFjnHZlQzO4BufIfp11MKdCxs-UJjrHBgfo479R__xtL7zDJIXKV8jBV97TQvBOPeoW6KO0sGr0d6UL-jU1vAfwkLoEMACtm8ys5jgrRbLnnamAD6JxlCKx_X2fLnqGheF7_TcTKwxkr3HSVvDdGYYWACizHQsFOKaG3o_iWjCCw8cLQ0rk5KLWJS-Ym5LfgHEcqljPFgBiY5wFCNIoQQg.KaJsmCAHM6FzU_L3A5kO4g

Can you verify that my config in the image above is correct, and perhaps offer an explanation for why I'd get a different result with the 2.0 version? Is there any difference between using the composition API vs the Options API with this new version?

Environment

"@auth0/auth0-vue": "^2.0.0"
"vue": "^3.2.13" (Options API)
Chrome, Firefox

Answer 1 · 2023-01-31T06:31:00.000Z

Hey,

Yes, audience should go in authorizationParams, see https://auth0.github.io/auth0-vue/interfaces/AuthorizationParams.html, so no, your snippet is not correct for V2.

I will update our migration guide to ensure it includes it!

Sorry for missing that.

Answer 2 · 2023-01-31T08:00:14.000Z

I swear I tried that.... nonetheless, it's working as expected now, and I also was able to solve a very strange bug from the previous version where the token was very late to be returned from the SDK, and the only way around was a hacky reload of the page.

Thanks!