Auth0 JWT access token returning 401

Hey! I'm trying to authenticate a user using a JWT access token I get from Auth0. The token seems to be valid according to https://jwt.io/, but my XANO API endpoint keeps returning 401 and the following error message:

{"code":"ERROR_CODE_UNAUTHORIZED","message":"Unsupported input"}

Any ideas?

Thanks in advance!

Best Answer

  • Ray Deck, Trusted Xano Expert ✭✭✭
    Answer ✓

    Ah. The Auth0 token is not going to work with Xano integrated authentication. You need Auth0 to generate an ID token, and then an endpoint to redeem that for a Xano auth token based on authing the user. Perhaps we could look inside the token on the decoded side of jwt.io to see what info is in there, and what kind it is (ID token, access token, etc.).

Answers

  • Ray Deck, Trusted Xano Expert ✭✭✭

    Can you show the request history and how you have the endpoint set up (e.g. a screenshot of the endpoint)?

  • hector, Member

    Hey Ray,

    Here is the information

    Let me know what you think, thanks!

  • hector, Member

    Thanks!!! I think I get it now. Just to recap,

    1. mobile app gets an ID token from Auth0
    2. mobile app sends this ID token to Xano
    3. an endpoint from Xano decodes the ID token and checks if there is a user with that information within the user table; if a user does exist, it generates a JWT and sends it back to the mobile app
    4. from here, the mobile app sends this JWT in each request
  • Ray Deck, Trusted Xano Expert ✭✭✭

    That all looks right!
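
Added example (not part of the thread, and not Xano or Auth0 code): the exchange recapped above, sketched in Python, with the ID token's signature, issuer, audience and expiry checked before the user lookup rather than the token only being decoded. Assumptions: HS256 with a constructed shared secret stands in for the identity provider's signing key so the block runs offline (with RS256 the signature step would verify against the tenant's public key instead), `aud` is a single string, and every name and value is hypothetical.

```python
import base64, hashlib, hmac, json, time

# Every value below is constructed for this example.
ISSUER = "https://example-tenant.auth0.com/"   # hypothetical tenant
CLIENT_ID = "example-client-id"                # hypothetical app client ID
IDP_SECRET = b"constructed-idp-secret"         # stands in for the IdP signing key
APP_SECRET = b"constructed-app-secret"         # the backend's own signing key
USERS = {"auth0|123": {"id": 7}}               # user table keyed by the "sub" claim

def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def sign(claims, key):
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(mac)}"

def verify(token, key):
    try:
        head, body, sig = token.split(".")
        header, given = json.loads(b64d(head)), b64d(sig)
    except ValueError:
        raise PermissionError("malformed token") from None
    # Pin the algorithm on the server; never let the token header choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise PermissionError("unexpected alg")
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, given):
        raise PermissionError("bad signature")
    return json.loads(b64d(body))

def exchange_id_token(id_token, now=None):
    # Steps 2-3 of the recap: validate the ID token, then mint the backend's own JWT.
    now = time.time() if now is None else now
    c = verify(id_token, IDP_SECRET)
    if c.get("iss") != ISSUER:
        raise PermissionError("wrong issuer")
    if c.get("aud") != CLIENT_ID:   # an access token typically names the API here
        raise PermissionError("wrong audience")
    if c.get("exp", 0) <= now:
        raise PermissionError("expired")
    user = USERS.get(c.get("sub"))
    if user is None:
        raise PermissionError("unknown user")
    return sign({"user_id": user["id"], "exp": int(now) + 3600}, APP_SECRET)
```

The token returned by `exchange_id_token` is what the mobile app sends on each later request (step 4), and the backend checks it with `verify(token, APP_SECRET)`.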