CODEWITHSUNDEEP
flutterauth0
日高岳大
日高岳大

Reputation: 236

auth0 returns a short AccessToken in the flutter environment

I have incorporated auth0 authentication into my flutter app with reference to the following article.
https://auth0.com/blog/get-started-with-flutter-authentication/

With this setting, google user information etc. could be acquired.
However, when I access my API Server with the AccessToken I got after logging in, I got an 401 error.

Looking at AccessToken, it's a very short and not a complete token.

Looking at the following article, it is said that you should specify the 'audience' of your API Server.
But I don't know how to specify 'audience'.
https://community.auth0.com/t/access-token-too-short-jwt-malformed/9169/7

final AuthorizationTokenResponse result =
          await appAuth.authorizeAndExchangeCode(
  AuthorizationTokenRequest(
    AUTH0_CLIENT_ID,
    AUTH0_REDIRECT_URI,                // How do you specify 'audience'?
    issuer: 'https://$AUTH0_DOMAIN',
    scopes: ['openid', 'profile', 'offline_access'],
  ),
);

Please tell me how to get the complete AccessToken.
Thank you!

Upvotes: 2

Views: 1003

Answers (1)

Luke Chadwick
Luke Chadwick

Reputation: 1737

It is possible to include the audience parameter using the additionalParameters key:

      final AuthorizationTokenResponse result =
          await appAuth.authorizeAndExchangeCode(
        AuthorizationTokenRequest(
          AUTH0_CLIENT_ID, AUTH0_REDIRECT_URI,
          issuer: 'https://$AUTH0_DOMAIN',
          additionalParameters: {'audience': AUTH0_AUDIENCE },
          scopes: ['openid', 'email', 'profile', 'offline_access'],
          //promptValues: ['login'],
        );

As noted in the documentation you have linked above, this will cause Auth0 to return a JWT access_token rather than just a short token.

Hat tip to arch​18 from the comments on https://auth0.com/blog/get-started-with-flutter-authentication/

Upvotes: 1

Related Questions