403 testing Auth0 sample project (after upgrade to net8)
To learn Auth0, I cloned their sample glossary project and upgraded it to net8
<Project Sdk="Microsoft.NET.Sdk.Web">
<PropertyGroup>
<TargetFramework>net8.0</TargetFramework>
<UseAppHost>false</UseAppHost>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.11" />
<PackageReference Include="Swashbuckle.AspNetCore" Version="7.1.0" />
</ItemGroup>
</Project>
I also added a .sln
When I run, I see the swagger ui
I set up the api in Auth0 with an application to use it. The application has the permissions checked.
In appsettings I have put
"Auth0": {
"Domain": "myoauthtenant.au.auth0.com",
"Audience": "https://glossary.com",
"ClientId": "GS9.. etc",
"ClientSecret": "BYl2.. etc"
}
I have tried creating a token using both the Test tab in the OAuth0 api and the Test tab in the OAuth0 application
I also raised my issue on GitHub.
I have my API Authorised in my Test Application
I copy the bearer token from the Test Application Quickstart tab and paste it into Swagger Authorize Input
Then Try out Post
The authorization documentation is here.
[Update] I started with branch main instead of following the tutorial exactly. This may have to do with my problem.
[Update]
I missed this step in the API Settings
As far as I know, that project should work in .NET 8 as well.
I'm afraid you are mixing instructions for configuring an API and an OAuth client application. For example, you don't need ClientId and ClientSecret in appsettings.json to configure the API.
Follow the instructions in this article to test the API (by the way, this is the article attached to that sample project)
- 403 testing Auth0 sample project (after upgrade to net8)
- JWT refresh token flow
- How to Implement Token Validation for External Users Consuming My Public API Using Auth0?
- TypeError: jwt.sign is not a function
- Getting only decoded payload from JWT in python
- Any way to generate Supabase ANON_KEY and JWT_SECRET locally?
- Why is it bad to send jwt in request body?
- Generating JWT token with JwtUtil class in Spring Boot resulting in NullPointerException
- What are the differences between JWT RS256, RS384, and RS512 algorithms?
- Getting 'secretOrPrivateKey must have a value' error in NestJS JWT authentication
- asp.net core JWT in uri query parameter?
- How to reset Laravel AuthManager/guards in between API calls in tests?
- How to verify JWS in dotnet?
- How to ensure that only my frontend can access my API, and not anyone else?
- Cannot find module 'passport' or its corresponding type declarations
- How to set authorization headers with nodejs and express
- How to safely store & process secret key for JWT
- Decode of JWT error when token type is "at+jwt" for spring boot > 2.2.7
- Unknown authentication strategy "jwt" error in NestJS with Passport and JWT
- Can't import jwt-decode in JavaScript file in React project
- Custom AuthenticationStateProviderService error on localstorage
- IDX10500: Signature validation failed. No security keys were provided to validate the signature
- .NET8 ASP.NET Core Web API : JWT error : Bearer error="invalid_token"
- Official documentation for JwtBearer middleware/configuration via appsettings.json?
- Caused by: java.lang.NoClassDefFoundError: io/jsonwebtoken/Jwts
- Trying to fetch the data using Data Management API but keep getting permissions issue
- IDX10503: Signature validation failed. Token does not have a kid. Keys tried: 'System.Text.StringBuilder'
- Microsoft Azure doesn't return email via Oauth2 flow
- Token handler unable to convert the token to jwt token
- int io.jsonwebtoken.SignatureAlgorithm.getMinKeyLength()' no such method error while generating a token key for authentication