Configuring Audience for Multiple Websites and APIs

Overview

This article provides recommendations for configuring the audience parameter in Auth0 when multiple websites or applications must call different APIs. A common issue occurs when an access token generated for one API audience is used to call a second, separate API, which causes an error because the audiences do not match.

Applies To

  • Auth0
  • API Authorization
  • Audience Configuration
  • Multiple APIs

Solution

A single access token does not currently support multiple audience values. An access token is minted for a specific audience and can only be used to authorize against that single entity.

To resolve this, select one of the following approaches:

  • Request Separate Tokens: Authorize a second time (for example, by using silent authentication) to request a new access token with a different audience. This new token can then be used for the second API.

  • Use a Logical API: Configure a single logical API in the Auth0 Dashboard to represent all the distinct API implementations. This method simplifies the process to a single authorization flow. Access to the individual APIs is then controlled by assigning appropriate scopes.
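The logical API approach as seen from the resource server, as an added example that is not part of the original article: every backend accepts the one logical audience and then enforces its own scope, while a token minted for a different audience is rejected before scopes are considered. The audience identifiers, service names and scopes are hypothetical, and the claims are assumed to come from a token whose signature, issuer and expiry were already verified.

```javascript
// Added example: claims are assumed to come from a JWT whose signature,
// issuer and expiry were already verified. All identifiers are hypothetical.
const LOGICAL_AUDIENCE = "https://api.example.com"; // hypothetical logical API identifier

// Hypothetical mapping: each backend service behind the logical API needs its own scope.
const REQUIRED_SCOPE = new Map([
  ["orders", "read:orders"],
  ["invoices", "read:invoices"],
]);

function audienceMatches(claims, expected) {
  // RFC 7519: "aud" is either a single string or an array of strings.
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  return aud.includes(expected);
}

function hasScope(claims, required) {
  // The "scope" claim is a space-delimited string; a missing claim grants nothing.
  const granted = typeof claims.scope === "string" ? claims.scope.split(" ") : [];
  return granted.includes(required);
}

// Returns an HTTP-style decision for a call to one backend service.
function authorize(claims, service, expectedAudience = LOGICAL_AUDIENCE) {
  const required = REQUIRED_SCOPE.get(service);
  if (!required) return { status: 404, reason: "unknown service" };
  if (!audienceMatches(claims, expectedAudience)) {
    return { status: 401, reason: "audience mismatch" };
  }
  if (!hasScope(claims, required)) {
    return { status: 403, reason: "insufficient scope" };
  }
  return { status: 200, reason: "ok" };
}

// Constructed sample claims, not real tokens.
const logicalToken = { aud: LOGICAL_AUDIENCE, scope: "read:orders" };
const otherApiToken = { aud: "https://other-api.example.com", scope: "read:orders read:invoices" };

console.log(authorize(logicalToken, "orders"));   // allowed
console.log(authorize(logicalToken, "invoices")); // right audience, missing scope
console.log(authorize(otherApiToken, "orders"));  // wrong audience
```

Checking the audience before the scope keeps a token issued for another API from being accepted just because it happens to carry a scope with the same name.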
