How to get scopes after universal authentication?

Hello community,

I’m using universal authentication following the guides:

https://auth0.com/docs/quickstart/spa/angular2/01-login
https://auth0.com/docs/quickstart/spa/angular2/03-calling-an-api
https://auth0.com/docs/quickstart/spa/angular2/04-authorization

My purpose is to create an application interacting with a WebApi with protected resources.

The login works fine using the (01) steps. However, the token after authentication doesn’t include the scopes in the payload, therefore I’m not able to authorize to my WebApi as it does not find the scopes when parsing the token provided by Auth0.

Here I highlight the angular configuration for the application that calls auth0 on login:

auth0 = new auth0.WebAuth({
        clientID: AUTH_CONFIG.clientID,
        domain: AUTH_CONFIG.domain,
        responseType: 'token id_token',
        redirectUri: AUTH_CONFIG.callbackURL,
        audience: 'https://test-app/api',
        scope: 'openid profile read:products'
    });

I followed the steps of creating WebApi in auth0 with api identifier as _https://test-app/api_ and added the read:products scope to it.

Is there anything I could be missing here to get the scopes?

Best regards,
Luciano

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?