New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Received an UnauthorizedException when calling GraphQL with Auth0 as OIDC. #13252
Comments
hi @cwomack any update for this? 🙇 |
Hi @TitusEfferian it looks like your schema has a I think it's also worth mentioning that your |
I am experimenting with a completely new project, so currently I don't have any items in DynamoDB. I tried creating new data but encountered the same error. Here, I have already attempted to modify the schema again. type AnotherTodo
@model
@auth(rules: [{ allow: owner, provider: oidc, identityClaim: "sub" }]) {
id: ID!
name: String!
description: String!
} const client = generateClient();
const input: CreateAnotherTodoInput = {
description: "hello",
name: "hello",
};
client
.graphql({
query: createAnotherTodo,
authMode: "oidc",
variables: {
input,
},
})
.then((x) => {
console.log(x);
})
.catch((err) => {
console.log(err);
});
Yes, I can confirm that the token sent in the GraphQL request is the same one that I placed in myTokenProvider. I can also confirm that the structure of the JWT contains the |
Before opening, please confirm:
JavaScript Framework
React
Amplify APIs
GraphQL API
Amplify Version
v6
Amplify Categories
api
Backend
Amplify CLI
Environment information
Describe the bug
I am trying to perform some CRUD operations with GraphQL, using Auth0 as the OIDC provider. I have successfully logged in with Auth0, obtained the idToken, passed it to Amplify Auth, and received all the results within
fetchAuthSession()
. Now, I am planning to hit a GraphQL endpoint, but I encountered an "UnauthorizedException" error.I have explored all the available open and closed issues in this repository using the filter is:issue is:open graphql auth0, and I didn’t find any duplicates or relevant issues related to my case. I have also searched in the aws-amplify Discord and still haven't found any information, so I decided to open a new issue here.
Expected behavior
GraphQL returns a 200 status code, with expected data
Reproduction steps
amplify add api
.Code Snippet
main.tsx
App.tsx
auth0 api response
pass auth0 information into amplify, and call fetchAuthSession()
Call the graphql API response
header curl:
schema.graphql
Log output
aws-exports.js
/* eslint-disable */
// WARNING: DO NOT EDIT. This file is automatically generated by AWS Amplify. It will be overwritten.
const awsmobile = {
"aws_project_region": "ap-northeast-1",
"aws_appsync_graphqlEndpoint": "https://my-domain.appsync-api.ap-northeast-1.amazonaws.com/graphql",
"aws_appsync_region": "ap-northeast-1",
"aws_appsync_authenticationType": "API_KEY",
"aws_appsync_apiKey": "my key",
"aws_cognito_identity_pool_id": "my id",
"aws_cognito_region": "ap-northeast-1",
"aws_user_pools_id": "ap-northeast-my-id",
"aws_user_pools_web_client_id": "my id",
"oauth": {
"domain": "my-domain-staging.auth.ap-northeast-1.amazoncognito.com",
"scope": [
"phone",
"email",
"openid",
"profile",
"aws.cognito.signin.user.admin"
],
"redirectSignIn": "http://localhost:5173/",
"redirectSignOut": "http://localhost:5173/",
"responseType": "code"
},
"federationTarget": "COGNITO_USER_POOLS",
"aws_cognito_username_attributes": [
"EMAIL"
],
"aws_cognito_social_providers": [],
"aws_cognito_signup_attributes": [
"EMAIL",
"NAME"
],
"aws_cognito_mfa_configuration": "OFF",
"aws_cognito_mfa_types": [
"SMS"
],
"aws_cognito_password_protection_settings": {
"passwordPolicyMinLength": 8,
"passwordPolicyCharacters": []
},
"aws_cognito_verification_mechanisms": [
"EMAIL"
]
};
export default awsmobile;
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
The text was updated successfully, but these errors were encountered: