Auth0 with Apple Sign In
Hello again,
I am trying to get the Auth0 + apple sign in working. It works until the user is redirected back to the platform. I then get the error
Failed to authenticate: "InvalidAuthHeader: Could not parse as id token", check your server auth configAnd here is where my knowledge about this ends. The user gets created on Auth0, but the user does not get registered in Convex and can't be authenticated with the useConvexAuth. The auth0 works perfectly for sign in with google. Any recommendations on where I can start troubleshooting this error?
7 Replies
Hey! To my knowledge the OAuth provider used via Auth0 shouldn't really matter.
To debug I'd check in the browser devtools, network panel, the
sync websocket messages. There should be an Authenticate message with your JWT token from Auth0 there. You can then validate that it is a valid JWT token on a site like https://jwt.io/JWT.IO
JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
Do you have both Google and Apple integrated on the same page, and one works and the other one doesn't? (ie, there are definitely no settings differences between the two setups, either in Convex nor in Auth0)
Yes, both google and Apple is integrated. The Apple one does not work, while the google one does.
I am able to get to the authorise page, post sign in on apple, but once you allow access to the apple sign in, it does not create a user in convex and does not auth the user.
After authorising the page with google a user is created and the accessToken saved to the user in Convex. Am doing some digging in the JWT tokens currently, will see if I can get something that can steer me in the right direction
Regarding the sync-websocket it provides a vaild JWT.
It works with Clerk so am running with that for now. Can come back to help troubleshoot this later. Very possible it's something on my end too.
I suspect something in that JWT token is throwing off the Rust library we use for validating tokens.
Glad to hear Clerk works, I'll dig more into this.
Any updates on this? I'm experiencing the exact same issues.
After the callback, logging the
user object from the useAuth0-hook gives me a full user object, but logging the isAuthenticated bool from the useConvexAuth-hook gives me false and then I get the same error as OP. I've got the same setup as well, logging in / signing up with Google or email + password works flawless but not Apple.