Insufficient Scope but my token contains required permissions

In my case, I needed to provide “customScopeKey” and “customUserKey” as the default key is “user”, but in the “expressjwt 6.x.x” it was changed to “auth”. (GitHub - auth0/express-jwt: connect/express middleware that validates a JsonWebToken (JWT) and set the req.user with the attributes)

jwtAuthz(['read:company'], { customScopeKey: 'permissions', customUserKey: 'auth' })
1 Like