Hello,
I’m working on a rule used to add roles to the access token via management API. Before that I get the user roles (as I need them to check the existing roles)
Here is what I’m doing:
const ManagementClient = require('auth0@2.35.0').ManagementClient;
const management = new ManagementClient({
token: auth0.accessToken,
domain: auth0.domain
});
const rolesParams = { id: user.user_id };
management.getUserRoles(rolesParams,function (err, user){
if (err) {
// Handle error.
console.log(err);
}
console.log("success :::", user);
callback(null, user, context);
});
......
I got this error when executing this code:
Forbidden: Insufficient scope, expected one of: read:users AND read:roles, OR read:role_members
I checked the M2M permissions, they are all checked (including read:users, read:roles, read:role_members)
when I tried to decode the token generated by auth0.accessToken , obviously, the scope does not include the required permissions
"scopes": {
"users": {
"actions": [
"read",
"update"
]
}
}
Any help appreciated