But I don’t see how that will solve anything, since I would still be in the same situation with the 3 apps and /oauth/token issuing me tokens which don’t seem to be valid. Ultimately, the production environment will presumably need a separate Production tenant. The site tells me “Signature Verified.” The audience in the returned token is the API identifier which I passed above, which is the audience I’m checking for in the backend API. When I look at the JWT itself using jwt.io, it says that the token expires tomorrow, 24 hours after it was issued. YOUR_API_IDENTIFIER=' It returns a different token which nevertheless fails with a 401 ExpiredSignatureError. So I have selected the M2M application #3 from the popup button and used the sample code there to fetch a token using the provided values: YOUR_DOMAIN='xxx.xx.' There are instructions in the “Test” tab of the API #2 above. The error is generated by the requires_auth() method in the API code which I have copied verbatim from the Python API Quickstart. After some reading, it seemed like perhaps the right solution is to use the Client Credentials Flow on the command line to fetch a token which I can paste into Postman. This fails with 401 “token is expired” both locally and in production. I have tried “cheating” and simply printing the bearer token above and then using that in Postman. When I want to call my own API endpoints directly, I need to add a Bearer token to the Postman calls. This works well both locally and in production. Both locally and in production, the environment variables reference the CLIENT_ID/CLIENT_SECRET of the Web Application #1. When the web application calls the API’s endpoints, it gets a bearer token from getAccessToken() in the nextjs-auth0 library. You will use this when configuring authentication with Auth0. Client ID: The unique identifier for your application.
If you need a different domain, you must register for a new tenant by selecting + Create Tenant in the top-right menu. The token expirations for API #2 are the defaults, 864. You choose this when you create a new Auth0 tenant, and it cannot be changed. Both are marked “Authorised” in the “APIs” tab. An Auth0 Machine-to-Machine Application. App #3 is linked to API #2 and the Auth0 Management API. I’m using Auth0 to manage login on both sides. I am developing a site with a frontend (React) and a backend (Flask).