Scopes in Access Token are not well formed

Kamczii · April 6, 2019, 3:11pm

My access token after login is not well formed.
This is a fragmet of my payload.

“scope”: “openid , profile , read:posts,create:posts,delete:posts,update:posts”,
“permissions”:

as you can see openid and profile are divided by " , " but the others “,”. Now my spring boot backend can read only openid and profile scope. Can i format this in any way? Im using authorization extension.

this is my rule

    function (user, context, callback) {
      var permissions = user.permissions || [];
      var requestedScopes = context.request.body.scope || context.request.query.scope;
      requestedScopes.split(',').join(' ');
      var filteredScopes = requestedScopes.split(' ').filter( function(x) {
        return x.indexOf(':') < 0;
      });
      
      
      filteredScopes.push(permissions);
      context.accessToken.scope = filteredScopes.join(' ');

      callback(null, user, context);
    }

konrad.sopala · September 2, 2019, 8:52am

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?

Topic		Replies	Views
Confused: Permissions are not part of Scopes in JWT token Help jwt	3	4138	March 5, 2021
Custom scopes inside access token Help jwt , scopes , access-token	3	4431	September 26, 2019
scopes missing from id_token but present in access_token Help id_token	2	4001	March 2, 2018
Removing 'openid','profile' scopes from access token Help rules	3	4819	August 19, 2019
Auth0 JWT doesn't have requested API Scopes Help jwt , scopes	10	4413	September 4, 2021

Scopes in Access Token are not well formed

Related Topics