Missing API Permissions (or Scope?) in Access_Token

Hello Auth0 friends, how are you?

I am having trouble understanding and using the API permissions. Can you help me?

I have researched extensively for several days, but I could not solve it on my own, so I am seeking help.

To avoid mistakes that I might make, I am using the API TEST option on the Auth0 website, and what I do is take the access_token and ask for it to be decoded on the jwt.io website.

The problem is that the permissions of my APIs are never filled.

And I noticed that the same thing happens with the TODO api.

I am using a Regular Web application, and my APIs have the “Enable RBAC” options and “Add Permissions in the Access Tokens” checked.

But I tested the Auth0 Management API with them and things work, and it doesn’t come with the permissions but the SCOPE.

Thank you.

Hello @mrctito !

Good call! Have you made sure that the application you are using to test against the API is granted permissions? You can do so by navigating to the application → APIs → Permissions:

Let us know!

I have the same problem and I have included the permissions but they still don’t appear in scopes when I get access token in vue3 application