Refresh with refresh_token not returning permissions

derekn · January 27, 2022, 7:54pm

We’ve been working to move our authentication out to auth0. So far so good and we have password authentication working and we’ve enabled RBAC and therefore the access_token provides us with the permissions granted to a user.

The issue we’re running into is that when using the refresh_token to gain a new access_token, the access_token provided back is giving us the permissions array, but it is empty. Is there something we need to do/configure to allow the refresh to also include the permissions? Nothing stood out in the Application/API configurations.

Thanks in advance.

derekn · January 27, 2022, 8:39pm

I guess we can close this out. Not sure what the issue was. Our initial testing using Postman the access_token coming back did not contain the perms but oddly after moving forward with the implementation in Go the access_token has them.

Sorry about that.

Topic		Replies	Views
Refresh Token does not include org and permission Help auth0 , refresh-tokens , refresh-token-rotate	5	3151	January 7, 2022
Assistance Required: Permissions Missing in Access Token for Custom API in Auth0 Help management-api , grants	1	435	March 5, 2024
Cannot get refresh token on Resource Owner Password Grant Help refresh-tokens	4	4306	October 26, 2019
First time login missing permissions in the access token JWT.io jwt , login	4	4016	November 1, 2022
Permissions not appearing within token Help	4	2420	September 16, 2020

Refresh with refresh_token not returning permissions

Related Topics