Hello Auth0 friends, how are you?
I am having trouble understanding and using the API permissions. Can you help me?
I have researched extensively for several days, but I could not solve it on my own, so I am seeking help.
To avoid mistakes that I might make, I am using the API TEST option on the Auth0 website, and what I do is take the access_token and ask for it to be decoded on the jwt.io website.
The problem is that the permissions of my APIs are never filled.
And I noticed that the same thing happens with the TODO api.
I am using a Regular Web application, and my APIs have the “Enable RBAC” options and “Add Permissions in the Access Tokens” checked.
But I tested the Auth0 Management API with them and things work, and it doesn’t come with the permissions but the SCOPE.