Hi guys,
I have set up a rule wherein the scopes ‘openid’ and ‘profile’ are filtered out from the issued access token scope.I am adding some custom permissions to the scope.
var permissions = user.permissions || [];
var requestedScopes = context.request.body.scope || context.request.query.scope;
var filteredScopes = requestedScopes.split(' ').filter( function(x) {
return x.indexOf(':') < 0 && x!=='openid' && x!=='profile';
});
Array.prototype.push.apply(filteredScopes, permissions);
context.accessToken.scope = filteredScopes.join(' ');
callback(null, user, context);
However the scopes “openid” and “profile” are not getting removed from the issued access token.
I tried debugging but the console is not accessible for some reason.
Appreciate any help
Regards
Aswin