Hi, I followed this samples to create project , the protected page access is good. But Access the admin endpoint does not work, cause the permission is empty in access_token.
Can someone help to solve it, thank you.
Hi @Kin,
Welcome to the Auth0 Community!
You can include permissions to your access token by toggling on the Add Permissions in the Access Token option in your API settings.
I recommend checking out our API Settings for more details.
Thanks,
Rueben
Hi @rueben.tiow ,
I did before, but it dose not work for me
there are permissions and assigned to user
when I get the token in Test Tab ,then the token include permissions,
but when I through getAccessTokenSilently in the spa, then this token not include permissions
Hi @Kin,
I have just tested this myself and got the permissions in my access token successfully. You must ensure the user is authenticating against your API to get the permissions. The test tab is using the client credentials flow which is non-interactive. You will need to use the authorization code flow. Please refer to our Call Your API Using the Authorization Code Flow with PKCE documentation.
Thanks,
Rueben
Hi @rueben.tiow ,
I think my flow is authorization code flow.
I used the code on below to get token in my react SPA
<Auth0Provider
domain={domain}
clientId={clientId}
authorizationParams={{
audience: audience,
redirect_uri: redirectUri,
}}
onRedirectCallback={onRedirectCallback}
>
const { getAccessTokenSilently } = useAuth0();
</Auth0Provider>
audience from API Settings
and domain and clientid from Applications Settings
but the permissions also empty
Hi @Kin,
Thanks for the update.
Could you please DM me your tenant name to investigate further?
Thanks,
Rueben