Failed to decode in jwt

[openedhardware]

I got this error while running your sample code.

File "C:\Python34\lib\site-packages\jwt\api_jwt.py", line 61, in decode
    payload, signing_input, header, signature = self._load(jwt)
  File "C:\Python34\lib\site-packages\jwt\api_jws.py", line 138, in _load
    raise DecodeError('Not enough segments')

  File "C:\Python34\lib\site-packages\jwt\api_jws.py", line 135, in _load
    signing_input, crypto_segment = jwt.rsplit(b'.', 1)
ValueError: need more than 1 value to unpack

It seems like api_jws expects token value to contain b'.'
But my token was just ZSuxk8aa8KAh5idJ

Any idea?

P.S. I just checked the pyjwt library, and it says that it needs comma-based token value.
http://pyjwt.readthedocs.io/en/latest/

>>> import jwt

>>> jwt.encode({'some': 'payload'}, 'secret', algorithm='HS256')
'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb21lIjoicGF5bG9hZCJ9.4twFt5NiznN84AWoo1d7KO1T_yoc0Z6XOpOVswacPZg'

>>> jwt.decode('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb21lIjoicGF5bG9hZCJ9.4twFt5NiznN84AWoo1d7KO1T_yoc0Z6XOpOVswacPZg', 'secret')
{'some': 'payload'}

[opyate]

I'm confused by this too. I ended up using my id_token (which makes python-jose happy), yet Auth0 just recommend I just use auth as per https://auth0.com/docs/api-auth/tutorials/adoption/api-tokens

What did you end up doing?

[chenkie]

The correct way to do it is to use access tokens

[ryanalane]

I had this same error, but when the token was actually not making it to the server-side (typo when setting the Authorization header on the client).

The access token (and thus the value of jwt, before the jwt.encode('utf-8') call in that class), should be valid a JWT. Try validating it here: https://jwt.io/.

ZSuxk8aa8KAh5idJ can't be a valid JWT.