"Could not verify token claim" on React Native
Hi guys, I am trying to replace Clerk Auth with Convex Auth using in react native (with expo)
I am testing locally, after trying to verifying code via email
I got this issue
Failed to authenticate: "Could not verify token claim", check your server auth config
"check your server auth config" What exactly do I need to check?
auth.ts
Note: I can see user is inserted in users table
with this data
40 Replies
"server auth config" is probably convex/auth.config.ts
@ballingt
Thanks for looking into it
my auth.config.ts
and CONVEX_SITE_URL is https://marvelous-llama-415.convex.site (development)
I am trying to test OTP via email
with the error, I have no idea to debug, I think there is something wrong when communicating between client and server while validating token
but not sure where to check or debug
@ballingt if you have some insight, can you give me some hint?
The provider that doesn't work for you is ResendOTP?
Do any others work?
yes, ResendOTP
I can receive OTP via email
Do any others work?
=> ResendOTP is first provider I am trying
Which setup instructions did you follow, sounds like we might need to fix them?
Convex Auth - Convex Auth
Authentication library for your Convex backend
I am following this, but for React Native
cool, I'll give it a shot.
Basically I think the flow is correct
I mean I can receive OTP via email by resend
the user is inserted correctly into users table
I can get token from useAuthToken()
However, it seems like verifying this token in server got the issue
and I don't know where I can check
I am not sure what
Failed to authenticate: "Could not verify token claim", check your server auth config
comes fromThat's coming from the convex backend, maybe we can get more info
GitHub
convex-backend/crates/authentication/src/lib.rs at main · get-conve...
Open source single-machine version of the Convex backend - get-convex/convex-backend
Some quick things to try before I create a repro, could that trailing slash be an issue?
let me quick check now
give me 5s
if it were then our instructions would be broken
just a guess
ah no,
CONVEX_SITE_URL = https://marvelous-llama-415.convex.site
maybe my typo when typing here
but they are same
just sidenote: my friend said she finished migration from Clerk Auth to Convex Auth
and it is working
I've just wondered whether it works for React Native or not
for the future it's safe to log more information about these failures, I'll check with security here to make sure
I have 1 quick question
in case I am testing this locally
Do I need to set CONVEX_SITE_URL in .env.local ?
I ask this because based on documentation, CONVEX_SITE_URL is system environment ?
(meaning a change we'll make)
hm should be fine, it's the system one https://docs.convex.dev/production/environment-variables#system-environment-variables
I think maybe it is good if can debug via https://github.com/get-convex/convex-backend/blob/main/crates/authentication/src/lib.rs#L202-L205
GitHub
convex-backend/crates/authentication/src/lib.rs at main · get-conve...
Open source single-machine version of the Convex backend - get-convex/convex-backend
the link you sent before
Yeah seems safe for us to print more there, but it'll be a bit before that gets out
Sure thanks for your help
Could you try another method than OTP? wondering if this is specific
ok
thanks for working through this, I'll dig in this afternoon. I don't know of anything simple you could be doing wrong, I need to set up a project and trace this through.
we bit off a lot of surface area with these methods with this beta release of auth and React Native has less coverage, it's possible something regressed here
thank you for your time, I will try another provider and let you know
@ballingt Thanks for your guideline
after I read your link above
I found the root of issue
Basically the issue comes from with https://labs.convex.dev/auth/setup/manual#configure-authconfigts
Manual Setup - Convex Auth
Authentication library for your Convex backend
when run this code
copy the output and bring to convex dashboard environment should remove double quotes
Nice! I'll update those docs to say that.
And we can examine that string at runtime and print a nice error since we know these shouldn't start with quotes
the docs is unclear, it says copy out put, so I copy exactly the output
the output looks like this
JWT_PRIVATE_KEY should remove "" while put to environment
actually
maybe better to make it consistency
JWT_PRIVATE_KEY="<key>"
JWKS="<key>"
then copy <key>
the confusion here is JWKS doesn't have ""
When pasting into the COnvex dashboard we should warn if the values starts and ends with quotes
Yeah and I'll change that string too
this script from documentation
process.stdout.write(
JWKS=${jwks}
);It's tough, those double quotes are appropriate in a .env file
but not allowed in the dashboard
yeah
but yeah we can use quotes for both here
but thanks for your help, 100% appreciated
I can continue migration now
@Kevin We've rolled out a warning for this
awesome