Auth0 Home Blog Docs

Struggling to add custom scope to jwt



As title, I’m struggling to get a custom scope into my JWT for use with an API.

I have the given params when using webAuth:

  domain: AUTH_CONFIG.domain,
  clientID: AUTH_CONFIG.clientId,
  redirectUri: AUTH_CONFIG.callbackUrl,
  audience: process.env.REACT_APP_CUSTOMER_AUDIENCE,
  responseType: 'token id_token',
  scope: 'openid profile',

I am trying to authenticate, and get an accessToken with an additional scope:

scope: 'openid profile read:cases',

But the scope is getting removed from the token during the auth process. I kept seeing this occur so I tried to just specify the individual scope I wanted:

scope: 'read:cases',

And then, upon decoding my token I see:

aud: "(Customer audience)"
azp: "wFhU2Khd08564TtijiGraCT4fCxhPfiT"
exp: 1533736118
(Custom Claim): "(Claim value)"
iat: 1533728918
iss: "https://(our domain)"
scope: ""
sub: "auth0|(auth0Sub)"

Why is my custom scope getting removed from my token?


This is because they changed to OIDC specs. I don’t remember seeing this announcement and so not sure when it happened but you now have to build out a custom function to add in namespaced data that doesn’t conform to the OIDC spec…

Essentially custom attributes are not passed automatically anymore, in fact without adding http://some.domain/ as the namespace, it won’t be passed at all. Not really a fan but whatever i guess…