Closed Zeebzog closed 11 months ago
I don't understand your issue. Is it related with Authlib?
I'm not sure. Is this something that has been confirmed to work? I have tried everything to get this to work and I am now struggling to think of what to do next. Without a valid access token I am stuck on how to proceed with role based access to my APIs. Any help or ideas would be extremely welcomed.
Is this something that has been confirmed to work?
Auth0 is very popular, so I doubt you're the only one using authlib
with Auth0.
The access_token looks like a token but it is not valid and
How are you checking validity?
cannot be used or even interpreted by JWT,io
Are you sure they're supposed to be JWTs? This link suggests Auth0 defaults to opaque tokens.
I'd suggest opening a case with Auth0 support, unless you have a clear example showing this is a bug in Authlib.
@Zeebzog Hi, I think you need to contact Auth0 for help. I can't guess what's wrong with your description. I do offer commercial support https://authlib.org/support, if you need any help with your certain problems, maybe you can purchase a commercial consulting.
I have role based access turned on in Auth0. I log a user in from Flask using:
oauth.auth0.authorize_redirect(redirect_url)
In my callback from Auth0 I call:
token = oauth.auth0.authorize_access_token() session["user"]=token
The id_token, the userinfo etc. all looks OK
The access_token looks like a token but it is not valid and cannot be used or even interpreted by JWT,io
Have I missed something out that I should be setting?