We are having the most frustrating experience with the Authorization Extension.
We were able to access the groups, roles, and permissions in the app_metadata section of /userinfo on Monday October 2nd. When giving a client demo on October 3rd, we were no longer getting app_metadata. The working code was sending in a scope of
While troubleshooting, we came across this post in the community with other users reporting the same issue. We noticed in the code sample from @jmangelo that he was using
scope=openid+profile+email. We updated our code to the same, and it began returning the expected profile again. I shared this feedback with @abhishek.hingnikar on a concierge call on October 13th.
In this week’s demo, the userinfo is again not returning the groups, roles, or perms in the app_metadata when sending
openid profile or
openid+profile. It was quite embarrassing for us.
Here is the real kicker- when we use the “Try All Rules” in the dashboard for Rules, we get exactly what we expect- the user profile with the groups, roles, perms in the app_metadata.