Incorrect scopes in JWT using Authorization Extension

dave.ashman1 · March 9, 2018, 8:33am

Hi there,

We currently have a few clients in a tenant, and have up until now been using CLIENT X. We have set up roles via the Authorization Extension and all of the correct scopes for a user get returned when the user logs in, eg: openid profile read:dashboard read:login

However, we are now needing to change the client we are using to CLIENT Y. We have setup everything for this client EXACTLY the same as the first and created an identical role, but for this client, and assigned it to the same user, using the same Audience.
The problem is, we now get all of the scopes assigned to THE API, not scopes specific to this role eg: openid profile read:login read:myaccount read:dashboard. So this includes read:myaccount, which it should not.

Many thanks,
Dave

konrad.sopala · December 18, 2018, 2:42pm

Hey @dave.ashman1

As it has been more than a few months since this topic was opened and there has been no reply or further information provided from the community as to the existence of the issue we would like to check if you are still facing the described challenge?

We are more than happy to assist in any way! If the issue is still out there please let us know so we can create a new thread for better visibility, otherwise we’ll close this one in week’s time.

Thank you!

konrad.sopala · December 24, 2018, 5:14pm

This topic was automatically closed after 6 days. New replies are no longer allowed.