Refresh with refresh_token not returning permissions

derekn · January 27, 2022, 7:54pm

We’ve been working to move our authentication out to auth0. So far so good and we have password authentication working and we’ve enabled RBAC and therefore the access_token provides us with the permissions granted to a user.

The issue we’re running into is that when using the refresh_token to gain a new access_token, the access_token provided back is giving us the permissions array, but it is empty. Is there something we need to do/configure to allow the refresh to also include the permissions? Nothing stood out in the Application/API configurations.

Thanks in advance.

derekn · January 27, 2022, 8:39pm

I guess we can close this out. Not sure what the issue was. Our initial testing using Postman the access_token coming back did not contain the perms but oddly after moving forward with the implementation in Go the access_token has them.

Sorry about that.

Topic		Replies	Views
Refresh Token does not include org and permission Help auth0 , refresh-tokens , refresh-token-rotate	5	3148	January 7, 2022
Assistance Required: Permissions Missing in Access Token for Custom API in Auth0 Help management-api , grants	1	431	March 5, 2024
First time login missing permissions in the access token JWT.io jwt , login	4	4011	November 1, 2022
RBAC: Permissions not added to the Access Token, after enabling Help apis , application	3	331	June 14, 2024
Retriving user permission Help user-profile , user-management	4	717	June 8, 2023

Refresh with refresh_token not returning permissions

Related Topics