We are in the process of migrating rules to actions. We have a rule that modifies the scope on the access token -
context.accessToken.scope = 'read:profile'
here that it is not possible to directly manipulate scopes from actions. Is there an indirect way to manipulate scopes from actions using the Management API?
Unfortunately I don’t think it’s possible at the moment. You can create a feature request for that using our Feedback category here:
Submit and vote on product feedback and feature requests.
Hello, is there still non way to modify scopes in Actions? I also want to migrate from Rules but this is a blocking point.
I heard that Rules will be deprecated one day, so what do you advise me to do?
Any progress on the same, I am on following few situation, only solution I see is to write Rules,
How to add roles
How to read Roles
how to write shared functions those can be used by more than one, without adding those to NPM
This is becoming higher priority now that Rules have an announced end of life.
What is the recommendation for replacing a Rule that currently modifies scopes?
that’s it, here we are…
no more way to deploy rules and no solution to dynamically assign scope with an action.
I am stuck !
I hadn’t seen the announcement of new features: it seems that we can finally modify the scope in an action :
Thanks for posting your question.
The specific changes include being able to make these calls:
SAML Mapping and Configuration
This is only for post-login action. All other action types have no way of updating scopes or permissions on an access token.
@konrad.sopala any suggestions? We’re trying to limit the scopes issued to the scopes requested. Since hooks and rules are no more how can this be accomplished with actions, or can Auth0 enable hooks and rules for machine to machine tokens?
Also for anyone else looking, I did find this which describes the problem of machine to machine issuing all scopes all of the time:
Fetching an M2M token returns all granted scopes/permissions instead of requested scopes - Auth0 Community