Tyk (Open Source) + Auth0 "Invalid Key"

I am using the Open Source version of Tyk, and I am trying to figure out how to set up Tyk to use tokens from Auth0. I am using Tyk version 4.1.0.

I have an API set up in which the audience is also the client id in Auth0. However, when I try to use the token from Auth0 to access my API, the error I get is “Key not authorised”.

The Tyk logs show these messages:
[Nov 14 22:40:57] WARN JWT Invalid api_id=THX1138 api_name=petstore error=Validation error. Validation error. The provider https://proj-unknown.us.auth0.com/ does not have a client id matching any of the token audiences [zWozHYCcfaRWN3RfdlRT1mZfDZEoBNGR] mw=OpenIDMW org_id= origin=192.168.32.1 path=/petstore-test/pet/123
[Nov 14 22:40:57] WARN Attempted access with invalid key. api_id=THX1138 api_name=petstore key=****JWT] mw=OpenIDMW org_id= origin=192.168.32.1 path=/petstore-test/pet/123

I have a policy set up in the ./policies/policies.json file. The API.json file has keyless turned off, the issuer is in the providers list, and the client ID is tied to my policy.

What am I missing?

Thanks!

Hi,

While we look into this, could you have a read of OIDC configuration with JWK and see if there is anything in that thread that helps? They’re getting very similar errors to you.

Cheers,
Pete

I found it. In the api.json file, in the client_ids list, the audience was not base64 encoded.

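The check behind the fix in the last post, as an added example that is not part of the original thread or Tyk's own code: it audits the `client_ids` keys of an API definition against a token's audiences and reports a key that holds the raw client ID where its base64 form is expected. Assumptions: the definition uses the classic `openid_options.providers[].issuer` / `client_ids` layout with standard base64 keys, the issuer and audience are the values from the log above, and the policy id `petstore-policy` is a constructed placeholder.

```python
import base64
import binascii

def encode_client_id(client_id: str) -> str:
    """Standard base64 form of a client ID, as used for a client_ids key."""
    return base64.b64encode(client_id.encode()).decode()

def decode_key(key: str):
    """Decode a client_ids key; None if it is not base64-encoded text."""
    try:
        return base64.b64decode(key, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None

def audit_client_ids(api_def: dict, issuer: str, audiences: list) -> list:
    """Return (status, key, detail) for each client_ids entry of the issuer."""
    findings = []
    for provider in api_def.get("openid_options", {}).get("providers", []):
        if provider.get("issuer") != issuer:
            continue
        for key, policy_id in provider.get("client_ids", {}).items():
            if decode_key(key) in audiences:
                findings.append(("ok", key, policy_id))
            elif key in audiences:
                # Raw client ID used as the key: report the encoded replacement.
                findings.append(("raw", key, encode_client_id(key)))
            else:
                findings.append(("no-match", key, policy_id))
    return findings

# Constructed sample: issuer and audience from the log above, placeholder policy id.
ISSUER = "https://proj-unknown.us.auth0.com/"
AUDIENCE = "zWozHYCcfaRWN3RfdlRT1mZfDZEoBNGR"
BROKEN_DEF = {"use_openid": True, "openid_options": {"providers": [
    {"issuer": ISSUER, "client_ids": {AUDIENCE: "petstore-policy"}}]}}
FIXED_DEF = {"use_openid": True, "openid_options": {"providers": [
    {"issuer": ISSUER,
     "client_ids": {encode_client_id(AUDIENCE): "petstore-policy"}}]}}

if __name__ == "__main__":
    for name, api_def in (("broken", BROKEN_DEF), ("fixed", FIXED_DEF)):
        for status, key, detail in audit_client_ids(api_def, ISSUER, [AUDIENCE]):
            print(f"{name}: {status:8} key={key} -> {detail}")
```

A `raw` finding carries the key to put in `client_ids` instead; the check matches on the decoded value first because a 32-character alphanumeric client ID is itself syntactically valid base64.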