This is with regards to the QuickStart: Auth0 Spring Boot API SDK Quickstarts: Authorization
I get an Error Code of 403 when I hit the endpoint:
@GetMapping(value = “/private-scoped”)
public Message privateScopedEndpoint() {
return new Message(“All good. You can see this because you are Authenticated with a Token granted the ‘read:messages’ scope”);
}
I have created the permission “read:messages” and assigned it to a role and added that role to the user.
When I look up the individual user, I see that the role and permissions are assigned to the user. However, I don’t see the permissions/scope for the user when I look at the “Raw JSON”. Don’t know if that’s supposed to show there.
I’ve tried modifying the SecurityConfig in multiple ways, but no luck:
- .mvcMatchers(“/api/private-scoped”).hasAuthority(“SCOPE_read:messages”)
- .mvcMatchers(“/api/private-scoped”).hasAuthority(“read:messages”)