Closed Mickaz89 closed 1 year ago
Looks like you're passing in the ID token and not the Access token?
@ottokruse I am taking the token from the headers of the event like this
const authToken = event.headers['Authorization'];
I am using the aws-serverless-express/middleware library to have access to the event object like this :
app.use(awsServerlessExpressMiddleware.eventContext())
So i can have acces to the object in
const event = req.apiGateway.event;
Your client application seems to be sending an ID token to your back-end. Either change it to send Access token, or configure the verifier to accept ID tokens (but then you can't check scope because that's an Access token field)
Is this resolved @Mickaz89 ?
Yes, my mistake it was ID TOKEN and not Access Token
Gotcha, glad that it's solved
Describe the bug
Getting this error "JwtInvalidScopeError: Missing Scope. Expected: read"
Getting this error "CognitoJwtInvalidTokenUseError: Token use not allowed: id. Expected: access"