I am currently using Auth0
for authentication
in my SPA and I defined some scopes
to be added to the token
in order to restrict the actions of the user on the resources.
My problem is that I allowed connections with Google
and LinkdIn
, and the token that is being generated does not contain the scopes
I defined. Should I create some rule to add these to the token?
Token with all scopes:
Token without all scopes:
Help would be greatly appreciated!