Error when using Auth0 JWT tokens for a request

Hi,

I’m using auth0 for authenticating with my API the problem is that when I try to connect to make the request:

error:"[{"extensions":{"path":"$","code":"invalid-jwt"},"message":"Could not verify JWT: JWSError (CompactDecodeError CompactDecodeError: Expected 3 parts; got 1)"}]"

On my resource setup I have chosen OAuth 2.0 as the authentication method and I fill the requested parameters, everything seems okay and when i test out with the button

“Test OAuth integration with your own account”

I’m sent to auth0 were I login correctly, then I’m redirected back to the resource and on the Access Token parameter now I have —encrypted on server—

But when I sent a request to the resource I get the previous error.

Any ideas?

Is there a way to see what is the exact request that retool is using, supposedly it should be sending the Token in the Header Authorization: Bearer OAUTH2_TOKEN but I feel that OAUTH2_TOKEN is not being sent. Where can I see the current value for OAUTH2_TOKEN?

Thanks,
Alex

Hey Alejandro!

If you go into a Retool app and create a query to this resource (after having authenticated it), when you preview the query you’ll be able to expand the request --> headers field in the JSON.

If the token isn’t being passed in from the OAuth2 workflow, it will say a literal BEARER OAUTH2_TOKEN string

If it is passing in the token, that will say Bearer [some_real_token] instead. If that’s the case, then the token which is being returned from that OAuth workflow isn’t what this API is expecting to use for it’s authentication

Can you help me out on how to do this? I haven’t found where can I do this.

Thanks!

This will be inside of the request metadata here inside the editor:

Since this is a JWT token, there’s also a chance that it’s not being returned as a standard key name and wouldn’t be picked up in the standard OAuth2.0 authentication workflow. If that’s the case, you might be able to get this working in a custom auth workflow that uses OAuth2.0 as a step

My request is to a GraphQL resource, is there a way to see the request metadata in this kind of resouce? It appears that this is only available to (restapi) resources.

Thanks!

hey @Alejandro! You can see the request metadata for all of the available resources in Retool within that query preview window. Here’s what it looks like for a GraphQL query:

Are you looking for a specific key/value in the metadata (that you’re not seeing now)?

I don’t see the metadata if there’s an error on the request:

What I’m trying to see are the headers of my request.

Thanks!

Ahhh, gotcha! You can view the request parameters via the DevTools network tab. You’ll want to look at the “preview” request details > under the Request tab > and then under “userparams”:

Thanks for the quick reply!

I tried to debug the request and add it a custom header but still on userParams on the “headerParams” I didn’t see anything :confused:

Any ideas?