Scopes in Access Token are not well formed

Kamczii · April 6, 2019, 3:11pm

My access token after login is not well formed.
This is a fragmet of my payload.

“scope”: “openid , profile , read:posts,create:posts,delete:posts,update:posts”,
“permissions”:

as you can see openid and profile are divided by " , " but the others “,”. Now my spring boot backend can read only openid and profile scope. Can i format this in any way? Im using authorization extension.

this is my rule

    function (user, context, callback) {
      var permissions = user.permissions || [];
      var requestedScopes = context.request.body.scope || context.request.query.scope;
      requestedScopes.split(',').join(' ');
      var filteredScopes = requestedScopes.split(' ').filter( function(x) {
        return x.indexOf(':') < 0;
      });
      
      
      filteredScopes.push(permissions);
      context.accessToken.scope = filteredScopes.join(' ');

      callback(null, user, context);
    }

konrad.sopala · September 2, 2019, 8:52am

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?

Topic		Replies	Views
Confused: Permissions are not part of Scopes in JWT token Help jwt	3	4134	March 5, 2021
Custom scopes inside access token Help jwt , scopes , access-token	3	4431	September 26, 2019
Removing 'openid','profile' scopes from access token Help rules	3	4814	August 19, 2019
Auth0 JWT doesn't have requested API Scopes Help jwt , scopes	10	4401	September 4, 2021
Scope jwt token with SpringBoot Help jwt , scope , spring-security	3	4140	June 17, 2020

Scopes in Access Token are not well formed

Related Topics