How to get permissions in auth token for react client?

Integrating Auth0 with React client has turned out to be challenging. I’m unable to retrieve scopes I have added to the API in the Auth0 website.

Given the following code to retrieve an access token to the client:

  useEffect(() => {
    async function getToken() {
      const token = await getAccessTokenSilently({
        ignoreCache: true,
        audience: `https://${domain}/api/v2/`,
        scope: 'read:current_user read:products write:products',
      console.log('got token', token);

    if (isAuthenticated) {

I successfully get an access token. However, it does not include read:products or write:products scopes.

Scopes that get returned with the access token are:
"scope": "openid profile email read:current_user"

Why doesn’t read:products and write:products get sent back?

I have added permissions to the specific user directly from Auth0 website.

Here is how Auth0Provider has been set up:

      domain={process.env.REACT_APP_AUTH0_DOMAIN || ''}
      clientId={process.env.REACT_APP_AUTH0_CLIENT_ID || ''}
      scope="read:current_user read:products write:products"
      <Provider store={store}>
        <App />

library versions used

"@auth0/auth0-react": "^1.2.0"
 "react": "^17.0.1"

It looks like you are requesting a management API token (specified by the audience param), not a token for whatever API is related to the read and write scopes you are expecting.

Is there a reason you need the management API audience?

1 Like

Thank you Dan, yes I had set audience to request mgmt API token, which obviously was not what I intended. Thank you for spotting.

1 Like

Glad we found the solution! Let us know if you have other questions.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.