Manipulate scopes for ID and Access Tokens using Actions GA

Hi,

Is there any strong reason why Auth0 decided to drop the support for direct manipulation of ID and Access Token scopes when they released Actions GA?

Although we experimented with providing direct manipulation of ID and Access Token scopes during the Actions Beta, we do not support this functionality in Actions GA.

This is very disappointing when you as developer are able to do so using the “legacy” Rules or Hooks, depending on the flow, even with the beta version of Actions was possible, but then you realize isn’t possible for you to completely migrate to Actions GA.

To my fellow developers out there, watch out with Actions GA before you decide on a fully migration from Rules and Hooks.

6 Likes

Hey there!

Let me follow-up on that and get back to you once I have some info to share!

Thank you so much Konrad! I will appreciate if there’s a short term plan to bring back the direct scopes manipulation in Actions GA.

Is there any update on this? I am too trying to migrate to actions from rules and I need to set the scope.

1 Like

Hi Billy,

I’ve been in touch with the Auth0 support team and they first said they would have an idea in late Q3/Q4 when they would be able to bring back this feature for Actions GA. In our last thread they mentioned they had to remove the direct scopes manipulation from Actions GA due to security reasons and don’t have an ETA right now. My last reply to them:

… customers that are currently manipulating the access token scopes through Rules or Hooks depending on the authentication flow, will need the same feature supported in Actions before migrating their code, otherwise those customers will complain since they will have to store the custom scopes in custom claims and change the interceptors at service level that accept the access tokens.

I hope they realize it would be a little bit disappointing for many people in the same situation.

Best regards,

5 Likes

Thanks for sharing that Howard with the rest of community!

1 Like

Hi Konrad,

Is there any possibility that we use the Hooks for direct scope manipulation in a M2M exchange and then we move it to Actions when the Auth0 Product Team is able to bring back this feature? It wouldn’t bother me to migrate that code from Hooks to Actions as long as we have reassurance from the Auth0 Product Team they will effectively support the feature in Actions by the time they decide to remove the Hooks.

Best regards,

Hi everyone,

I’m wondering if there is any update on this topic.

Does someone have a detailed explanation on why direct access to ID/Access token scope claim is not possible with Actions?

I’m in the same situation as everyone on this thread which is the start of the migration from Rules to Actions.
And this problem raises the legitimacy question of migrating from Rules to Actions with fewer functionalities/capabilities than before and with possible impacts (technical and cost) on the current code in production…

Best regards.

1 Like

Unfortunately zero updates from Auth0 on this topic. I reached out to their support team in mid 2021 and they mentioned in 2021 Q3/Q4 they would have a better idea when they could bring it back, but I didn’t hear from them since then. It’s very disappointing!

Hi Team,

Any update on this feature?

1 Like

I’m also hoping for an update soon.

This is also crucial functionality for us. We’re looking at migrating away from rules as we know they are being deprecated, but are not in a position to do so until this functionality is available. An ETA would be helpful.

1 Like

Hey All!

While I don’t have an ETA as of now, I can say that this is in progress and that there is no plan to deprecate rules while feature gaps still exist. Please see the following post:

Hope this helps at least for the time being, and thanks for your patience!

Any update about this? When will this be supported?

1 Like

Hey there!

As this topic is related to Actions and Rules & Hooks are being deprecated soon in favor of Actions, I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!

Learn more here!