I am having an issue where when I request a token using OAuth from Postman, the Auth0 Authentication API Debugger, or my own application it will not return the scopes that I request except for standard OIDC/profile ones like profile
, email
, offline_access
.
- I have confirmed that I am sending the request with my audience (
https://<domain>/oauth/token?audience=https%3A%2F%2Fapi.projekter.opsella.com
) - The API has RBAC enabled.
- I have also ensured that the users show that they have been assigned permissions, either via role or direct assignment.
- I’m not using any actions/triggers or any of the (deprecated) rules/hooks.
I am attempting to use the Auth0 organization feature, so maybe there is some config there that I am missing? I’m pretty confident that I have my request setup correctly in postman though I could be wrong. I’m not sure what I’m missing here that would be causing this issue. This was working about a week ago and then while I was doing my development I cleaned up some of the organizations and recreated them and now the scopes stopped showing up.