auth0-blog / auth0-python-fastapi-sample

Code sample for a protected API in FastAPI for Python
https://auth0.com/blog/build-and-secure-fastapi-server-with-auth0/

403: {"detail": "Invalid issuer"} #10

Open jessicalundin opened 9 months ago

jessicalundin commented 9 months ago

Hi, I'm new to Auth0 and authentication. I worked through the tutorial (https://auth0.com/blog/build-and-secure-fastapi-server-with-auth0/) and keep getting a 403 error: {"detail":"Invalid issuer"}% when I use the command:

curl -X 'GET' \
  'http://127.0.0.1:8000/api/private' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer <token>'

I can run the sample commands within Auth0 to get the access token, so clearly this piece is working.

curl --request POST \
  --url https://dev-1mpoitrd3j6qadab.us.auth0.com/oauth/token \
  --header 'content-type: application/json' \
  --data '{"client_id":"<client_id>","client_secret":"<secret>","audience":"https://fastapiexample.com","grant_type":"client_credentials"}'

The .env file:

AUTH0_DOMAIN = XXX.auth0.com
AUTH0_API_AUDIENCE = https://fastapiexample.com
AUTH0_ISSUER = https://XXX.auth0.com
AUTH0_ALGORITHMS = RS256

Current thought is the JWT token is not working.

jessicalundin commented 9 months ago

Looks like one must have an enterprise account to have JWT tokens. Default is client secret.

IanJempson commented 8 months ago

@jessicalundin I had the same issue, but found the problem was my .env file. Change AUTH0_ISSUER = https://XXX.auth0.com to AUTH0_ISSUER = https://XXX.auth0.com/ and it should work. At least that's where I found I was going wrong.
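
Added example, not part of the thread or the sample repository: a standard-library diagnostic that reads the `iss` claim from a token and classifies how it differs from the configured issuer, assuming the validator compares the two by exact string equality (as PyJWT does). The function names, category strings and the sample token are constructed for this illustration.

```python
import base64
import json


def jwt_claims(token: str) -> dict:
    """Decode the payload segment WITHOUT verifying the signature.
    For diagnosing configuration only; never use the result for authorization."""
    try:
        payload_b64 = token.split(".")[1]
        padded = payload_b64 + "=" * (-len(payload_b64) % 4)  # restore stripped padding
        return json.loads(base64.urlsafe_b64decode(padded))
    except (IndexError, ValueError) as exc:
        raise ValueError("not a three-part JWT with a JSON payload") from exc


def _host(url: str) -> str:
    """Issuer with scheme and trailing slash removed, for loose comparison."""
    return url.split("://", 1)[-1].rstrip("/")


def diagnose_issuer(token: str, configured_issuer: str) -> str:
    """Return 'match', 'trailing-slash', 'scheme', 'mismatch' or 'no-iss'."""
    iss = jwt_claims(token).get("iss")
    if iss is None:
        return "no-iss"
    if iss == configured_issuer:  # the exact comparison the validator performs
        return "match"
    if iss.rstrip("/") == configured_issuer.rstrip("/"):
        return "trailing-slash"  # the case fixed in the comment above
    if _host(iss) == _host(configured_issuer):
        return "scheme"  # e.g. the bare domain was used as the issuer
    return "mismatch"  # token came from a different tenant or issuer


def _constructed_token(claims: dict) -> str:
    """Unsigned sample token built for this example (not a real Auth0 token)."""
    def b64(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{b64({'alg': 'RS256', 'typ': 'JWT'})}.{b64(claims)}.sig-placeholder"


# Constructed sample: issuer written with the trailing slash, audience from the thread.
SAMPLE = _constructed_token(
    {"iss": "https://XXX.auth0.com/", "aud": "https://fastapiexample.com"}
)

if __name__ == "__main__":
    for cfg in ("https://XXX.auth0.com", "https://XXX.auth0.com/", "XXX.auth0.com"):
        print(f"{cfg!r:28} -> {diagnose_issuer(SAMPLE, cfg)}")
```

To check a real configuration, pass the access token returned by the /oauth/token request and the AUTH0_ISSUER value from the .env file to `diagnose_issuer`.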