Insufficient scope, expected any of: read:roles

Help
,
1

How to add scope for specific application via dashboard in auth0? Trying to get roles with permission using management library. But when hit it getting below error. Attached rule script below. Commented the code for permission, and verified the access token response the scope doesn’t contains read:roles. How do I add it? Help me to resolve this!
Error:
(node:18) UnhandledPromiseRejectionWarning: APIError: {"statusCode":403,"error":"Forbidden","message":"Insufficient scope, expected any of: read:roles","errorCode":"insufficient_scope"}

// code

 const assignedRoles = context.authorization ? context.authorization.roles : null;
  
   var roleId = "rol_Xh28p7lUK0PYVd9o";
    const roleWithPermissions = await management.getPermissionsInRole(roleId);
   management.getPermissionsInRole(params, function (err, permissions) {
      console.log(permissions);
   });
    console.log(roleWithPermissions);

// response

{“access_token”:“eyJhbGMYtAK2qAIcEGot4Rx5mx9-agW6SfWgjZDaHofY1EHZWQhhIoPohHjpyPim5-poA4qqUJXb4ABfambIzGVFJVkP9sfJwnTPTDBHRlWiQ5u8ENakq0FomfuMrmCnVPSJKIYoUCQRlPQFLnLcxFxqvQtgmAW8yXxTyFrFKhmJ5tGdLEXxDyKVlha02IF59MFWUBxT41a2cw”,“scope”:“read:current_user update:current_user_metadata delete:current_user_metadata create:current_user_metadata create:current_user_device_credentials delete:current_user_device_credentials update:current_user_identities”,“expires_in”:86400,“token_type”:“Bearer”}

3

Hi @selvi,

You can update an application’s Management API permissions in the dashboard under the API’s M2M settings.

Click the dropdown arrow to read and updates permissions:

image
image2950×1686 421 KB

2 Likes
4

Updated the permission under System API. Added below rules to get permission for certain role. But still getting the Same error. Attached the below error

// code

var roleId = “rol_Xh28p7lUK0PYVd9o”;
const roleWithPermissions = await management.getPermissionsInRole(roleId);

Error:

(node:18) UnhandledPromiseRejectionWarning: APIError: {"statusCode":403,"error":"Forbidden","message":"Insufficient scope, expected any of: read:roles","errorCode":"insufficient_scope"} at /data/_verquire/_node12/auth0-extension-s3-tools/1.1.1/node_modules/rest-facade/src/Client.js:387:27 at Request.callback (/data/_verquire/_node12/auth0-extension-s3-tools/1.1.1/node_modules/rest-facade/node_modules/superagent/lib/node/index.js:728:3) at /data/_verquire/_node12/auth0-extension-s3-tools/1.1.1/node_modules/rest-facade/node_modules/superagent/lib/node/index.js:916:18 at Stream.<anonymous> (/data/_verquire/_node12/auth0-extension-s3-tools/1.1.1/node_modules/rest-facade/node_modules/superagent/lib/node/parsers/json.js:19:7) at Stream.emit (events.js:314:20) at Stream.EventEmitter.emit (domain.js:506:15) at Unzip.<anonymous> (/data/_verquire/_node12/auth0-extension-s3-tools/1.1.1/node_modules/rest-facade/node_modules/superagent/lib/node/unzip.js:55:12) at Unzip.emit (events.js:326:22) at Unzip.EventEmitter.emit (domain.js:506:15) at endReadableNT (_stream_readable.js:1241:12) at processTicksAndRejections (internal/process/task_queues.js:84:21)

10:08:38 AM:

(node:18) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1) (node:18) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
5

Can you please DM me your tenant name and the name/client ID of the app that is requesting the token? Thanks!