Hooks and id_token

alain.bodiguel · April 24, 2020, 6:53am

Hi, I’m using a rule to enrich my id_token with a “$namespace/permissions” claim.
How can I do the same with a hook: using client credentials grant, my application expects to find the claim in order to validate the authorization.

Thank you in advance,

mathiasconradt · April 24, 2020, 7:43am

Where do these permissions come from? Are you using Auth0’s RBAC core feature?
Another question: why do you need the permissions in the ID token and not the access token?

This might be a helpful post:

alain.bodiguel · April 24, 2020, 8:32am

The permissions come from RBAC indeed.
With my SPA app, I read the id_token to get the permissions (am I doing that right?).
With the M2M, you’re saying I can rely on the access_token to get the permissions? I can see indeed a claim “permissions” in it but it is missing my namespace. If I understang correctly the post you’ve quoted I should be able to enrich the access_token on my M2M app with a hook.

access_token['https://namespace/permissions'] = scope;

Ok, I’ve tried adding the following hook, and it does what I need. Thank you for your quick and efficient response!

system · May 9, 2020, 8:32am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Why is the scope claim included in an M2M Client Credentials token? Help scopes , permissions , scope	3	4090	September 21, 2020
Adding Scopes/Permissions to ID Token Help jwt	2	6311	January 3, 2022
Setting permissions per client for M2M applications Help	2	3931	August 27, 2020
Difference between scopes and permissions in access token Help scopes , permissions	5	10348	August 31, 2019
Empty "permissions" claim in M2M token Integration Help auth0 , api , support , permissions , machine-to-machine	7	1570	June 23, 2023

Hooks and id_token

Related topics