How to get permissions in auth token for react client?

Integrating Auth0 with React client has turned out to be challenging. I’m unable to retrieve scopes I have added to the API in the Auth0 website.

Given the following code to retrieve an access token to the client:

  useEffect(() => {
    async function getToken() {
      const token = await getAccessTokenSilently({
        ignoreCache: true,
        audience: `https://${domain}/api/v2/`,
        scope: 'read:current_user read:products write:products',
      console.log('got token', token);

    if (isAuthenticated) {

I successfully get an access token. However, it does not include read:products or write:products scopes.

Scopes that get returned with the access token are:
"scope": "openid profile email read:current_user"

Why doesn’t read:products and write:products get sent back?

I have added permissions to the specific user directly from Auth0 website.

Here is how Auth0Provider has been set up:

      domain={process.env.REACT_APP_AUTH0_DOMAIN || ''}
      clientId={process.env.REACT_APP_AUTH0_CLIENT_ID || ''}
      scope="read:current_user read:products write:products"
      <Provider store={store}>
        <App />

library versions used

"@auth0/auth0-react": "^1.2.0"
 "react": "^17.0.1"

It looks like you are requesting a management API token (specified by the audience param), not a token for whatever API is related to the read and write scopes you are expecting.

Is there a reason you need the management API audience?

1 Like

Thank you Dan, yes I had set audience to request mgmt API token, which obviously was not what I intended. Thank you for spotting.

1 Like

Glad we found the solution! Let us know if you have other questions.