Integrating Auth0 with React client has turned out to be challenging. I’m unable to retrieve scopes I have added to the API in the Auth0 website.
Given the following code to retrieve an access token to the client:
useEffect(() => {
async function getToken() {
const token = await getAccessTokenSilently({
ignoreCache: true,
audience: `https://${domain}/api/v2/`,
scope: 'read:current_user read:products write:products',
});
console.log('got token', token);
}
if (isAuthenticated) {
getToken();
}
});
I successfully get an access token. However, it does not include read:products or write:products scopes.
Scopes that get returned with the access token are:
"scope": "openid profile email read:current_user"
Why doesn’t read:products and write:products get sent back?
I have added permissions to the specific user directly from Auth0 website.
Here is how Auth0Provider has been set up:
ReactDOM.render(
<React.StrictMode>
<Auth0Provider
domain={process.env.REACT_APP_AUTH0_DOMAIN || ''}
clientId={process.env.REACT_APP_AUTH0_CLIENT_ID || ''}
audience={audience}
scope="read:current_user read:products write:products"
redirectUri={window.location.origin}
>
<Provider store={store}>
<App />
</Provider>
</Auth0Provider>
</React.StrictMode>,
document.getElementById('root'),
);
library versions used
"@auth0/auth0-react": "^1.2.0"
"react": "^17.0.1"