IDToken not returned when additional scopes are defined

kelvin.lo · April 16, 2018, 4:46pm

For completeness, I’ve included below the steps corresponding to the above, but with only scope=“openid”

Sign In with Auth0
token exchange request body:
{
grantType: authorization_code
clientId: D2XTLMKl50letQEGgfo0LQccizZAUCjo
code: rzf11xj7_MB2QAxj
codeVerifier: wNJy2CcukoNu_oFThm4H5RU2d1WDNEm8VAACOeRWOS8
redirectUri: http://localhost:8086/ui
}
token exchange response body:
{
accessToken: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1EaEJRVGRET1RZNU1FWXhOREJCTlRnNU1UUkZRa05ETUVRME1qSXpRelEyTURBNFJFVTVOZyJ9.eyJpc3MiOiJodHRwczovL2lkdmVyaWZhY3QuYXV0aDAuY29tLyIsInN1YiI6Imdvb2dsZS1vYXV0aDJ8MTA1OTg4NjkyMTQ4Mzc1ODAyOTc3IiwiYXVkIjpbImh0dHBzOi8vbWVkaWF0aW9uLnNlY3VyZWtleS5jb20iLCJodHRwczovL2lkdmVyaWZhY3QuYXV0aDAuY29tL3VzZXJpbmZvIl0sImlhdCI6MTUyMzg5NjQ1OSwiZXhwIjoxNTIzOTgyODU5LCJhenAiOiJEMlhUTE1LbDUwbGV0UUVHZ2ZvMExRY2NpelpBVUNqbyIsInNjb3BlIjoib3BlbmlkIn0.l4O3_FNTo_kdifFD2QfOLlenScAvmEYAhWc5_DoYUttM3i60FM-Nyy-JdCb3mhSS6IfGQuBO1xYjq-5qpfX2KRx8uf9EWsHqMp_xvJ5ox3G6G9abN0B5rTtJv7zxVK643j3_-B6N-mQyACF4H73V54urrgtCFs5XfGBvFpCSruD9A8B5FlhOv17NulsRmGcpSajXEFTKqIhJP0MpdhTNR2xKG5kulS-stDZDKTs9g4te-478P7uQFv6Xj3QzQZBr8VP70Uh4PvTvGPHiSX-e7thdo8TmYc0gsBfek2_BuXEUlf9m3EXb1gIzrlhFII25GMZ0Mtw-ZwIQMT46Agt3OQ
refreshToken: null
idToken: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1EaEJRVGRET1RZNU1FWXhOREJCTlRnNU1UUkZRa05ETUVRME1qSXpRelEyTURBNFJFVTVOZyJ9.eyJodHRwczovL3d3dy5zZWN1cmVrZXkuY29tL3RpdGxlIjoiTXIuIiwiaHR0cHM6Ly93d3cuc2VjdXJla2V5LmNvbS9naXZlbl9uYW1lIjoiS2VsdmluIiwiaHR0cHM6Ly93d3cuc2VjdXJla2V5LmNvbS9taWRkbGVfbmFtZSI6Ikx1Y2lmZXIiLCJodHRwczovL3d3dy5zZWN1cmVrZXkuY29tL2ZhbWlseV9uYW1lIjoiTG8iLCJodHRwczovL3d3dy5zZWN1cmVrZXkuY29tL2hvbm9yaWZpYyI6Ik1CQSIsImh0dHBzOi8vd3d3LnNlY3VyZWtleS5jb20vcGhvbmVfbnVtYmVyIjoiNDE2LTk3NC0xMTExIiwiaHR0cHM6Ly93d3cuc2VjdXJla2V5LmNvbS9hZGRyZXNzIjp7InN0cmVldF9hZGRyZXNzIjoiNDEwMSBZb25nZSBTdHJlZXQiLCJsb2NhbGl0eSI6IlRvcm9udG8iLCJyZWdpb24iOiJPTiIsInBvc3RhbF9jb2RlIjoiTTJQIDFONiIsImNvdW50cnkiOiJDQSJ9LCJodHRwczovL3d3dy5zZWN1cmVrZXkuY29tL2JpcnRoZGF0ZSI6IjE5NzQtMDItMjkiLCJodHRwczovL3d3dy5zZWN1cmVrZXkuY29tL2VtYWlsIjoia2VsdmluLmxvQHByb2RpZ3lsYWJzLm5ldCIsImh0dHBzOi8vd3d3LnNlY3VyZWtleS5jb20vY3VzdG9tZXJfcmVmX251bSI6IjdmZTFiNTA1LTQzMGMtNGY1YS04ZTMyLTEwOGVmYjA1NTNmOCIsImh0dHBzOi8vd3d3LnNlY3VyZWtleS5jb20vdmVyaWZpY2F0aW9uX2RhdGUiOiIyMDE4LTAzLTAyIiwiaHR0cHM6Ly93d3cuc2VjdXJla2V5LmNvbS9hY2NvdW50Ijp7InR5cGUiOiJkZXBvc2l0IiwibnVtYmVyIjoiYWNjb3VudE51bS0xIiwiaW5zdGl0dXRpb24iOiJTZWN1cmVCYW5rIiwic3RhdHVzIjoib3BlbiJ9LCJpc3MiOiJodHRwczovL2lkdmVyaWZhY3QuYXV0aDAuY29tLyIsInN1YiI6Imdvb2dsZS1vYXV0aDJ8MTA1OTg4NjkyMTQ4Mzc1ODAyOTc3IiwiYXVkIjoiRDJYVExNS2w1MGxldFFFR2dmbzBMUWNjaXpaQVVDam8iLCJpYXQiOjE1MjM4OTY0NTksImV4cCI6MTUyMzkzMjQ1OX0.WzamKZbxPufh1hHm37tQmWkofkFHS-oAZdMKe37usFksr36DaI7tm1ZdkHSkUgK4pJbMriGBLir8UWGQqIS9Y0_CUOeZ16Jhg3ptBdIjT-RlvU4VsBhIefPlqKrdgWCabGATeBSvwWfKXTYIhNu1jJnI4nv4kkG7srHYgDX6C-kBoL_fgWNJIJtvufBaIAGS4jiI-WNtxW8MF-Hvad1YDiXtN8j2J3-ISVts7G01b_mgPAU2Efu9H_RRK8ugqJ-AcOOU-_ZvM0p6SMBAaeYSlb7UivK25SzyO9LH3SCvzDUhEIy8AMeyLE3c-jUUtY-LCgxRfLmmJ74kADgmvioJDQ
tokenType: Bearer
expiresIn: 86400
}

As you can see, this does include the id_token in the response if I only specify “openid” in the scope during the initial /authorize request.

Topic		Replies	Views
"id_token" missing in "/oath/token" response when Rule adds custom scope to "context.accessToken" Get Help id_token , rules , access-token , authorization-code-f	8	10714	August 17, 2019
Identity token does not include scopes when using authorization code flow JWT.io authorization-code	5	10810	September 21, 2020
Id_token and refresh_token are missing in the /oauth/token response Get Help token , id_token , rules , access_token , refresh_token	2	3442	September 20, 2019
No receiving IDToken Get Help	3	2387	July 8, 2020
Authorize endpoint not returning requested scopes Get Help login	3	4386	August 19, 2019

IDToken not returned when additional scopes are defined

Related topics