Node.js and TypeScript Tutorial: Secure an Express API

dan-auth0 · August 29, 2022, 12:28pm

Can you try the following, please?

Verify that the admin user has the right permissions.
Log in as the admin user using an incognito/private browser tab.

Do you still see the same error?

malikmahmud · September 15, 2022, 3:31pm

The latest version of the express-jwt package stores the decoded jwt payload in “req.auth” not “req.user”. The express-jwt-authz looks for your scopes on the req.user object by default (which will be undefined). Try updating the “checkPermissions” function like this:

dan-auth0 · September 15, 2022, 8:40pm

Welcome to our community! That’s right! Let me take care of updating that. Thanks for taking the time to read the blog post and to share this fix.

Topic		Replies	Views
Form Validation Bug in WHATABYTE Auth0 Code Feedback bug , bugs	2	3743	March 18, 2021
Node.js and Express Tutorial: Building and Securing RESTful APIs Blog Discussions node , nodejs , node-auth0	25	10910	September 5, 2023
Use TypeScript to Create a Secure API with Node.js and Express Blog Discussions node , nodejs , express , typescript	27	8831	March 2, 2022
Node.js API Authorization: Complete Guide with TypeScript Developer Hub authorization , express , typescript	0	2706	October 12, 2022
Express.js TypeScript Authorization: Basic API Access Control Developer Hub api , authorization , express , typescript	0	2595	December 14, 2021

Node.js and TypeScript Tutorial: Secure an Express API

Related topics