Auth0 Home Blog Docs

How to get scopes after universal authentication?

authentication-api
scopes
api-authorization

#1

Hello community,

I’m using universal authentication following the guides:



My purpose is to create an application interacting with a WebApi with protected resources.

The login works fine using the (01) steps. However, the token after authentication doesn’t include the scopes in the payload, therefore I’m not able to authorize to my WebApi as it does not find the scopes when parsing the token provided by Auth0.

Here I highlight the angular configuration for the application that calls auth0 on login:

auth0 = new auth0.WebAuth({
        clientID: AUTH_CONFIG.clientID,
        domain: AUTH_CONFIG.domain,
        responseType: 'token id_token',
        redirectUri: AUTH_CONFIG.callbackURL,
        audience: 'https://test-app/api',
        scope: 'openid profile read:products'
    });

I followed the steps of creating WebApi in auth0 with api identifier as https://test-app/api and added the read:products scope to it.

Is there anything I could be missing here to get the scopes?

Best regards,
Luciano