I’m trying to add custom scopes to an Access Token when performing Device Flow authentication. Whenever the Access Token is returned, they only scope available is “offline access”
The request is as follows:
curl -H ‘Content-Type:application/x-www-form-urlencoded’ -H ‘Accept-Encoding:gzip’ -X POST ‘https://bcd.auth0.com/oauth/device/code’ --data-binary ‘audience=https%3A%2F%2Fpltcloud.com&client_id=j_C0QQvnet1ZcK7W_BuENymAu_stdlqv&scope=upload%3Alogs+offline_access’
The response is as follows:
{
"device_code": "ueu9DRm9SJs4kfFSQyUMpG-A",
"expires_in": 900,
"interval": 5,
"user_code": "WHWH-CXVV",
"verification_uri": "https://bcd.auth0.com/activate",
"verification_uri_complete": "https://bcd.auth0.com/activate?user_code=WHWH-CXVV"
}
After completing the verification flow, I make the following request:
curl ’ -H ‘Content-Type:application/x-www-form-urlencoded’ -H ‘Accept-Encoding:gzip’ -X POST ‘https://bcd.auth0.com/oauth/token’ --data-binary ‘client_id=j_C0QQvnet1ZcK7W_BuENymAu_stdlqv&device_code=ueu9DRm9SJs4kfFSQyUMpG-A&grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Adevice_code’
The Access Token that comes back has only “offline_access” scope.
{
“iss”: “https://bcd.auth0.com/”,
“sub”: “github|792171”,
“aud”: “https://pltcloud.com”,
“iat”: 1568411059,
“exp”: 1568497459,
“azp”: “j_C0QQvnet1ZcK7W_BuENymAu_stdlqv”,
“scope”: “offline_access”,
“permissions”:
}
Is it possible to add a custom scope for device flow? The Application is set as OIDC compliant and the “upload:logs” scope is set on the “https://pltcloud.com” API.