Hello friends, I have a problem when checking the permissions in Node.js. The issue is that I have everything configured correctly and I cannot enter the “permissions” nesting; however, I do have access to the scopes, but if I try to enter the permissions section I can't.
PS: application type SPA
User.ts (router)
const jwtAuthz = require('express-jwt-authz');
userRouter.get(`${prefix}/list`, jwtAuthz(["read:messages"], { customScopeKey: "permissions" }), (req: Request, res: Response) => {
  res.send('USERS')
})
I am also leaving the code snippet where I validate the token in case it is of any use, even though the validation of the token is correct.
const express = require('express');
const { auth } = require('express-oauth2-jwt-bearer');
export const checkJwt = auth({
  audience: 'https://mi-audiencie-com',
  issuerBaseURL: 'https://mi-url.auth0.com/',
});
Images: configuration of the API panel in Auth0
API
Information token
I am having a similar problem and I have tried using both these methods:
// Method 1: express-oauth2-jwt-bearer
const { auth, requiredScopes } = require('express-oauth2-jwt-bearer');
const checkScopes = requiredScopes('see:usernames');
// Method 2: express-jwt-authz
const jwtAuthz = require("express-jwt-authz");
const checkScopes = jwtAuthz('see:usernames');
Both are giving the same error with “Insufficient Scope”.
When I log my token it clearly shows (pasted below) that the user has the assigned permission:
{
  "scope": "openid profile email",
  "permissions": [
    "see:usernames"
  ]
}
Please help, this has been a terrible experience!!
eliza
June 12, 2023, 12:53pm
I have the same issue. Tried with both the packages
const checkScopes = requiredScopes('read:messages');
as well as
const checkScopes = jwtAuthz(['read:messages']);
Also my token has the permission listed
"scope": "openid profile email",
"permissions": [
"read:messages"
]
I also tried the variations with passing options
const checkScopes = jwtAuthz(['read:messages'], {
customScopeKey: 'permissions', customUserKey: 'auth'
});
None of these seemed to work. Keep getting the error “Insufficient Scope”.
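Added example, not written by any poster in this thread and not code from the Auth0 libraries: a dependency-free check that shows where `read:messages` sits in the posted token and a middleware that authorizes on the `permissions` array. It assumes the verified claims are exposed at `req.auth.payload`, as express-oauth2-jwt-bearer does; `claimValues`, `diagnose`, `requirePermissions` and `run` are hypothetical names, and the request object is constructed from the claims shown above.

```javascript
// Constructed request: the claims posted in the thread, placed where
// express-oauth2-jwt-bearer exposes a verified token (req.auth.payload).
const sampleReq = {
  auth: { payload: { scope: 'openid profile email', permissions: ['read:messages'] } },
};

// Read a claim that may be a space-delimited string (scope) or an array (permissions).
function claimValues(obj, claim) {
  const value = obj ? obj[claim] : undefined;
  if (typeof value === 'string') return value.split(' ').filter(Boolean);
  if (Array.isArray(value)) return value.filter((v) => typeof v === 'string');
  return []; // missing or malformed claim grants nothing
}

// Report which of the places a checker might read actually holds the permission.
function diagnose(req, permission) {
  const payload = req.auth ? req.auth.payload : undefined;
  return {
    inScopeClaim: claimValues(payload, 'scope').includes(permission),
    inPermissionsClaim: claimValues(payload, 'permissions').includes(permission),
    onAuthObjectItself: claimValues(req.auth, 'permissions').includes(permission),
  };
}

// Hypothetical middleware: require every listed value in the permissions claim.
function requirePermissions(...required) {
  return function checkPermissions(req, res, next) {
    const payload = req.auth ? req.auth.payload : undefined;
    if (!payload) return res.status(401).json({ error: 'invalid_token' });
    const granted = new Set(claimValues(payload, 'permissions'));
    const missing = required.filter((p) => !granted.has(p));
    if (missing.length > 0) {
      return res.status(403).json({ error: 'insufficient_scope', missing });
    }
    return next();
  };
}

// Offline harness: run a middleware against a stub response object.
function run(middleware, req) {
  const out = { status: 200, body: null, nextCalled: false };
  const res = {
    status(code) { out.status = code; return res; },
    json(body) { out.body = body; return res; },
  };
  middleware(req, res, () => { out.nextCalled = true; });
  return out;
}
```

For the posted token, `diagnose(sampleReq, 'read:messages')` reports the value only under the `permissions` claim inside the payload: the `scope` claim holds just `openid profile email`, and `req.auth` itself has no `permissions` key.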