Laravel middleware route Authorize Auth0

corentin.couzigou · March 30, 2022, 7:52am

hello, I present to you the starting postulate:
I made a front application in angular with the auth0 SDK. It returns a token with the interceptors to my back application in laravel. I made this api with also the auth0 SDK.
I made a front application in angular with the auth0 SDK. It returns a token with the interceptors to my back application in laravel. I made this api with also the auth0 SDK.
I then perform on my private route a verification of my token:

Route::get(‘/private/scoped/userslist’, [MainController::class, ‘getAllUsers’])->middleware([‘auth0.authorize:read:users’]);

End of my token acces :
“scope”: “openid profile email”,
“permissions”: [
“read:users”
]
However, access is denied. I don’t really understand how authr0 middleware works and is it scalable? Thanks you for your help.

dan.woda · March 31, 2022, 3:21pm

Hi @corentin.couzigou,

Welcome to the Auth0 Community!

It looks like the middleware may be expecting the read:users string in the scope claim. You can configure this by turning off the * Add Permissions in the Access Token* toggle in the API settings.

Here is a link that shows how it would look in the dashboard. Add Permissions in the Access Token

Let me know if that resolves it!

Topic		Replies	Views
REST API with Laravel Help auth0-php , sdks-quickstarts	1	1522	June 20, 2023
Need help with scopes/permissions in my laravel/auth0 flow Help auth0 , laravel , laravel-6	0	3781	October 9, 2019
How to get user ID and use to consume endpoint Help	5	7333	March 4, 2020
Auth0 JWT does not have permissions Help login , access-token , permissions , laravel	12	5761	June 28, 2022
Help with Laravel 10 and latest version of auth0 (middleware conflict) Help laravel-auth0 , sdks-quickstarts	2	1854	June 3, 2024

Laravel middleware route Authorize Auth0

Related Topics