Hi, am sending a request using a ruby script directly to: /oauth/token. The body looks like:
"{\"grant_type\":\"http://auth0.com/oauth/grant-type/password-realm\",
"username": "qa_test@wakoopa.com","password": "123",
"audience": "https://my-tenant.eu.auth0.com/userinfo\“,
"scope": "openid app app_scope cli",
"client_id": "my-client-id",
"client_secret": "the-access-token",
"realm": "Username-Password-Authentication",
"response_type": "token id_token"}”
But at the response the Scope is not the one am sending, so that the id_token that am getting has not all the user information as I would expect:
"{\"access_token\":\"the-access-token\",\"id_token\":\"the-id-token\",\"scope\":\"openid profile email address phone\",\"expires_in\":86400,\"token_type\":\"Bearer\"}"
What is wrong? why am not getting a full token with the scope am trying to send?
PD: The scopes are well defined since it works good for our SPA login pages, but I need to do the same just scripting.