Hi @kamrankhan, sorry for the delayed response! I tested this out, but my scopes get added to the scope claim as expected. Here are the steps I had to take from the tutorial as described:
- Add the
custom:permissionscope to the JWT Authorizer (same as in your screenshot) and to the ‘Permissions’ Tab on the “AWS JWT Authorizer” API:
- I had to re-authorize using the API in my “AWS JWT Authorizer (Test Application)” App in Auth0 to grant the
custom:permissionscope to the app (this is needed for M2M applications; if you’re using a web app or SPA you can request thecustom:permissionscope during the authorization step):
- After that, the auto-generated access token in the “Test” section of the API is updated to include the
scopeclaim including thecustom:permissionscope:
(The screenshot comes from jwt.io, for easy decoding of JWTs)
Were there any additional settings that you changed, either on the Application or API side in your Auth0 Dashboard?