UnauthorizedError: jwt issuer invalid.

[besnikh]

Hi,

I followed your tutorial on https://auth0.com/blog/vuejs2-authentication-tutorial/ but I am getting an error when I want to access the Private route.

The error on my server log is:

GET /api/test/public 304 0.785 ms - -
OPTIONS /api/test/private 204 0.835 ms - -
GET /api/test/private 401 405.760 ms - 650
UnauthorizedError: jwt issuer invalid. expected: https://myurl.eu.auth0.com

I can confirm that the error expected url is same as issuer! in my router if I remove the authCheck everything works, but once I add the authCheck function, I can not read the file. In my browser I get the 401 (Unauthorized)

authCheck function:

const authCheck = jwt({
  secret: jwks.expressJwtSecret({
        cache: true,
        rateLimit: true,
        jwksRequestsPerMinute: 5,
        jwksUri: "https://myurl.eu.auth0.com/.well-known/jwks.json"
    }),
    // This is the identifier we set when we created the API
    audience: 'https://www.myurl.com/api',
    issuer: "https://myurl.eu.auth0.com",
    algorithms: ['RS256']
});

My front-end api-axios file:

function getPrivate() {
  const url = `${BASE_URL}/test/private`;
  return axios.get(url, { headers: { Authorization: `Bearer ${getAccessToken()}` } }).then(response => response.data);
}

Can someone help me with this ? Where is the problem ?

[besnikh]

Hi, I fixed the problem changing issuer: to iss:

May I know why I had to change this? Or should my server work with issue also or not ?

Cheers

[unicodeveloper]

I really don't have the answer for this at the moment but I'm investigating the possible cause. Thanks for reporting.

[besnikh]

@unicodeveloper looking forward to receive anything regarding this before I get my app into production!