auth0-lock calls /authorize
endpoint to fetch sso data.
Although in lock config I specify the scope: 'openid'
const lock = new Auth0LockPasswordless(
APP_CONFIG.auth0.clientID,
APP_CONFIG.auth0.clientDomain,
{
container: 'lock-container',
auth: {
autoParseHash: false,
redirect: false,
params: {scope: 'openid'}
}
}
);
lock.show();
I see the request
https://moonmail.auth0.com/authorize?client_id=yxaHRVmAlZvPS9mwSbwzmy9Y24h8mKcV&response_type=token id_token&redirect_uri=http://localhost:3000/signin&scope=openid profile email&state=Qi9dIm2Xas-XoChMi~cTM1JY-MMinY-Y&nonce=u9hteNLakSoxy-O31FcHSfCqzqUBLjfl&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4yLjMiLCJsaWJfdmVyc2lvbiI6IjkuMi4zIn0=
scope=openid profile email
It results in an error:
{
"error":"invalid_request",
"error_description":"The generated token is too large. Try with more specific scopes.",
"error_uri":"https://auth0.com/docs/scopes",
"state":"Qi9dIm2Xas-XoChMi~cTM1JY-MMinY-Y"
}
How can I change the scope in the sso request?