Question: I keep getting the error “The generated token is too large. Try with more specific scopes” when working with JWTs. What do I need to do?
The cause is usually due to a NON-OIDC comformant application requesting profile scope causing size of the ID Token to be bigger than allowed. This is because Non-OIDC clients return full user profile when scope profile is requested.
The maximum allowed size for an ID Token is around 3.5kb.
There are a few things you can do to fix:
- Make the client application OIDC Comformant: https://auth0.com/docs/api-auth/intro
- Remove unnecessary scopes
- Check Rules if ID token is getting assigned big variables.