I have a backend application performing the key/token swap.
I can currently log into my custom application verifying against Microsoft.
However, I cannot for the life of me figure out how to get increased scopes to work with this login flow.
In my social connections, I have this:
Furthermore, my scopes in my application are:
```go
var scopes = []string{
	oidc.ScopeOpenID,
	"profile",
	"email",
	"offline_access",
	"https://graph.microsoft.com/Files.ReadWrite.All",
}
```
I have tried a multitude of scopes, adding/removing them from the Auth0 connections settings, and in my application, and I only ever receive the basic scopes.
I am using the oauth2 library for golang.
```go
// oauth2.Config
conf := oauth2.Config{
	ClientID:     clientID,
	ClientSecret: clientSecret,
	RedirectURL:  redirectURL,
	Endpoint:     provider.Endpoint(),
	Scopes:       scopes,
}
// ...
// login handler redirect
http.Redirect(w, r, conf.AuthCodeURL(state), http.StatusTemporaryRedirect)
```
What am I doing wrong here? I don’t have an “audience” property on an oauth2.Config object, so I can’t seem to set that. I also don’t have access to set custom headers for setting “connection_x” settings.
Is using the oauth2 library my problem here? Or something else?
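An added example, not part of the original post: a standard-library-only illustration of how an extra authorize parameter such as "audience" travels in the authorization URL, and how to check which requested scopes are absent from a token response. The function names, the tenant and callback hosts, the client ID and the audience value are constructed placeholders; with golang.org/x/oauth2 the extra parameters are passed as `oauth2.SetAuthURLParam` options to `AuthCodeURL`.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// authorizeURL builds an authorization-code request URL. extra carries
// parameters (for example "audience") that have no field on oauth2.Config;
// golang.org/x/oauth2 takes them as oauth2.SetAuthURLParam(key, value) options.
func authorizeURL(endpoint, clientID, redirectURL, state string, scopes []string, extra map[string]string) (string, error) {
	u, err := url.Parse(endpoint)
	if err != nil {
		return "", err
	}
	q := url.Values{"response_type": {"code"}, "client_id": {clientID}, "state": {state}}
	q.Set("redirect_uri", redirectURL)
	q.Set("scope", strings.Join(scopes, " "))
	for k, v := range extra {
		q.Set(k, v)
	}
	u.RawQuery = q.Encode()
	return u.String(), nil
}

// missingScopes returns the requested scopes absent from the space-separated
// "scope" value of a token response (tok.Extra("scope") in golang.org/x/oauth2).
func missingScopes(requested []string, granted string) []string {
	have := map[string]bool{}
	for _, s := range strings.Fields(granted) {
		have[s] = true
	}
	var missing []string
	for _, s := range requested {
		if !have[s] {
			missing = append(missing, s)
		}
	}
	return missing
}

func main() {
	// Constructed values: hosts, client ID and audience are placeholders.
	scopes := []string{"openid", "profile", "email", "offline_access", "https://graph.microsoft.com/Files.ReadWrite.All"}
	u, _ := authorizeURL("https://tenant.example/authorize", "CLIENT_ID", "https://app.example/callback", "xyz", scopes, map[string]string{"audience": "https://api.example/"})
	fmt.Println(u)
	fmt.Println(missingScopes(scopes, "openid profile email"))
}
```

Logging the output of `missingScopes` at the callback shows whether a scope was dropped before the token was issued, rather than inferring it from a failed API call later.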