发表新帖
发表新帖

Verifying Auth0 JWT throws invalid algorigthm

前端 未结
关注
4 2712
说谎
说谎 2021-02-20 17:38

I have created an Auth0 client, I am logging in and receive this token:

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1rVkdOa1l5T1VaQ1JqTkRSVE5EUmtNeU5rVkROMEUyU
4条回答
  • 攒了一身酷
    攒了一身酷 (楼主)
    2021-02-20 18:12

    Have you tried setting the algorithm to "HS256"?

    According to the Auth0 docs at https://auth0.com/docs/api-auth/tutorials/verify-access-token#verify-the-signature

    For HS256, the API's Signing Secret is used. You can find this information at your API's Settings. Note that the field is only displayed for APIs that use HS256.

For RS256, the tenant's JSON Web Key Set (JWKS) is used. Your tenant's JWKS is https://YOUR_AUTH0_DOMAIN/.well-known/jwks.json.

    0 讨论(0)
 看不清?
提交回复
热议问题