How to define Scope on API login using Machine to Machine app

I’m implementing an authentication challenge in an Apple Business Chat conversation
I’m using a Machine to Machine app with the management API.
Apple calls the authorize endpoint with the client ID of my Auth0 App - this present the Auth0 login screen.
User inputs credentials and then the oauth/token endpoint is called and an Access Token is returned to the “Agent” side.
On the Agent side, I have an app that calls /userinfo with the Access Token, but all I get in return is {}

I’ve been reading that I need to define the scope - where do I define this? Is it in the oauth/token call to Auth0 made by Apple?

So I removed the OIDC Conformant option from the application (can be found under Advance Setting>>OAuth)
Now I get a response will all user data and meta data. Not sure this is the right approach but it works…

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.