Auth0 UI and generated token display max 100 user permissions

Hi, we noticed that Auth0 truncates the list of permissions in the generated token. In the token and on the management console, Auth0 displays max 100 permissions for each user.

Our hypothesis is that this bug is caused by how the token engine and ui fetch the set of permissions assigned to a user.

IIUC, there’s an Auth0 endpoint that can be used to paginate through the complete set of permissions. This endpoint is used by the UI and token engine. However from what we can see, the UI only displays the first page of permissions, even if more are available.

Could the token engine have the same issue with pagination?

Hi @ecotg,

Welcome to the Auth0 Community and I apologize for the delayed response!

I noticed there is a related support ticket that has resolved this issue. I am going to sum up the findings here for future users.

Currently, Auth0 limits the permissions array in the token to 100 entries. This is performance a decision and is an intended behavior.

As for the Dashboard display, this is not intended, and is in our team’s backlog.

I apologize for the gap in our documentation on this issue and hope this helps clarify for our future users.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.