When I use the authorization code flow. The returned identity token does not include the requested custom scopes. These scopes are configured for both the api and the user. When using the implicit flow the scopes are included in the returned token. Does the authorization code flow behave differentl…

Hi @evansnd See this page: Sample Use Cases: Scopes and Claims You probably need to define the scope. You’ll also need to specify the audience (and that is why the access token is not a valid JWT). You might consider switching to Auth0’s Quickstart for Angular. John

Identity token does not include scopes when using authorization code flow

JWT.io

dan.woda August 12, 2020, 6:00pm 6

Thanks @john.gateley!

In addition, your access token is opaque. See this FAQ for more info:

http://community.auth0.com/t/why-is-my-access-token-not-a-jwt-opaque-token/31028

Topic		Replies	Views
Identity token does no scopes when using authorization code flow Get Help auth0	2	3877	August 26, 2020
Auth0 JWT doesn't have requested API Scopes Get Help jwt , scopes	10	4812	September 4, 2021
Type of the token Get Help jwt , access-token	4	3197	April 29, 2019
Add custom scopes in the access token ( Authorization code flow with OIDC provider) Get Help	9	27318	June 24, 2022
IDToken not returned when additional scopes are defined Get Help	5	9202	September 3, 2019

Identity token does not include scopes when using authorization code flow

Related topics