Insufficient Scope due to token data having different customeUserKey and scopeKey

my JWT payload looks like this:-

{
  "http://example.com/domains": [
    "A",
    "B"
  ],
  "http://example.com/policies": {
    "A": {
      "roles": [
        "rol_.........................."
      ],
      "permissions": [
        "*"
      ]
    },
    "B": {
      "roles": [
        "rol_......................"
      ],
      "permissions": [
        "*"
      ]
    }
  },
  "iss": "https://example.auth0.com/",
  "sub": "google-oauth2|11111111111111111",
  "aud": [
    "http://example.com/api/",
    "https://example.com/userinfo"
  ],
  "iat": 1212121212,
  "exp": 16161616161,
  "azp": "B............................................T",
  "scope": "openid profile email",
  "permissions": []
}
const NAMESPACE_POLICIES = "http://example.com/policies/"
var options = {
  customUserKey: NAMESPACE_POLICIES,
  customScopeKey: "A",
};

const checkScopes = jwtAuthz(["*"], options);

This is giving:- Insufficient Scope

we can’t pass anything other than a string to option
So what could be the possible solution to this

Hi @testforsantosh,

Welcome to the Community!

Not sure what is going on here, can you please post the whole rule? If it’s sensitive please DM it to me.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.