I have successfully created an Angular SPA which communicates with a REST backed. For this backend, I created Permission (aka Scopes) like “read:persons”, “edit:persons” ect.
I also created a small C# program for which I like to do some testing with the REST backend. So I copied code from the auth0 ‘Test’ tab of my API application to get a token. This generates the following code for me:
var client = new RestClient("https://dev-<my auth0-url>.com/oauth/token");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"client_id\":\"<my-auth0-id>\",\"client_secret\":\"<my-auth-secret>\",\"audience\":\"<my-auth0-audience>\",\"grant_type\":\"client_credentials\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Now, when I embed this code into my console application the scopes are missing from this token. It is not clear how to add these to the token, I tried adding something like:
Ah, I now see, it does not work this way, copying the generated C# code from the ‘Test’ tab. I started over and created a small test Windows UWP application and this works. I only needed to supply the scopes on creation in and the audience when logging in. Here is the code of the UWP view, maybe it helps others because the documentation is not obvious on this point (or I cannot find it):
Constructor:
public YourConstructor
{
_client = new Auth0Client(new Auth0ClientOptions
{
Domain = "<your domain>",
ClientId = "<your client id>",
Scope = "openid email profile read:persons edit:persons <etcetera>"
});
}
Signin Button:
private async void SignIn_Click(object sender, RoutedEventArgs e)
{
LoginResult loginResult = await _client.LoginAsync(new
{
audience = "https://<your audience>" //This is the identifier of your REST API
});
if (loginResult.IsError) return;
}