I have been trying to find a way to give access to write posts to an auth0 login user with Twitter. But unable to find a solution in the docs/AI/ or forums.
The request is done with handleAuth and adding extra customParams to the handleLogin:
import { handleAuth, handleLogin } from "@auth0/nextjs-auth0";
export const GET = handleAuth({
login: async (req, res) => {
try {
return await handleLogin(req, res, {
authorizationParams: {
connection_scope: 'openid profile email tweet.write tweet.read users.read'
}
});
} catch (error) {
return new Response("error");
}
}
});
I will be using both login access (Twitter and Google) to test the reach of the handleLogin authorizationParams with the scopes tweet.write tweet.read users.read
that are needed to create posts on behalf of users that are logged in the platform.
Trying this with a Twitter login will return this screen, only asking for profile access and ignoring the scopes from Twitter inside connection_scope
.
The odd thing is that if I try to access with the exact same scope in other social platforms, for example, google. The scope is correctly added to the request, throwing an error for those invalid scopes.
Some requested scopes were invalid. {valid=[openid, https://www.googleapis.com/auth/userinfo.profile, https://www.googleapis.com/auth/userinfo.email], invalid=[tweet.read, users.read, tweet.write]}
Error 400: invalid_scope
Asking for more permissions is even possible from auth0?
I didn’t find anywhere in the platform docs that will clarify this.