Surface custom scopes on consent screen for first-party applications

Circling back on what I ended up having to do:

I needed to pass the audience param in the authorization request. I’m using authlib; OAuth2Session (or rather its parent class, OAuth2Client) defines the following:

class OAuth2Client(object):
    # other stuff

    EXTRA_AUTHORIZE_PARAMS = (
        'response_mode', 'nonce', 'prompt', 'login_hint',
    )

and does NOT include audience, so I needed to extend it:

class OAuth2SessionProxy(OAuth2Session):
    """
    need to extend OAuth2Session in order to include the `audience`
    param in the OAuth2Session.EXTRA_AUTHORIZE_PARAMS tuple, it's used
    by Auth0 in determining which API this request is associated with
    """
    def __init__(self, *args, **kwargs):
        super(OAuth2SessionProxy, self).__init__(*args, **kwargs)

    EXTRA_AUTHORIZE_PARAMS = (
        'response_mode',
        'nonce',
        'prompt',
        'login_hint',
        'audience',
    )

Anyway, this is what worked for me. Interested in hearing if anyone ran into something similar / what their approach was.

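Added example, not part of the original post and not authlib's own code: a simplified model of a client that forwards only whitelisted extra parameters, plus a check that an outgoing authorization URL actually carries the `audience` and custom scope before the user is redirected. The function names, endpoint, client values and the `read:reports` scope are constructed placeholders, and the silent-drop behaviour is an assumption of the model.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

# Whitelists as quoted in the post: the library default and the extended tuple.
DEFAULT_EXTRA = ('response_mode', 'nonce', 'prompt', 'login_hint')
EXTENDED_EXTRA = DEFAULT_EXTRA + ('audience',)


def build_authorize_url(endpoint, client_id, redirect_uri, scope, state,
                        allowed_extra, **extra):
    """Simplified model (assumption): only whitelisted extras are forwarded."""
    params = {
        'response_type': 'code', 'client_id': client_id,
        'redirect_uri': redirect_uri, 'scope': scope, 'state': state,
    }
    # Anything not in the whitelist is dropped without an error.
    params.update({k: v for k, v in extra.items() if k in allowed_extra})
    return endpoint + '?' + urlencode(params)


def check_authorize_url(url, audience, scopes):
    """Return a list of problems found in an outgoing authorization URL."""
    query = parse_qs(urlsplit(url).query)
    problems = []
    if query.get('audience') != [audience]:
        problems.append('audience missing or wrong')
    sent = set(query.get('scope', [''])[0].split())
    missing = sorted(set(scopes) - sent)
    if missing:
        problems.append('scopes not requested: ' + ', '.join(missing))
    return problems


# Constructed sample values (placeholders, not from the post).
COMMON = dict(
    endpoint='https://tenant.example/authorize', client_id='CLIENT_ID_PLACEHOLDER',
    redirect_uri='https://app.example/callback', state='STATE_PLACEHOLDER',
    scope='openid profile read:reports', audience='https://api.example/',
)


def demo():
    before = build_authorize_url(allowed_extra=DEFAULT_EXTRA, **COMMON)
    after = build_authorize_url(allowed_extra=EXTENDED_EXTRA, **COMMON)
    want = ('https://api.example/', ['read:reports'])
    return check_authorize_url(before, *want), check_authorize_url(after, *want)
```

Running `check_authorize_url` against the real redirect URL in an integration test catches the case where the extra parameter is filtered out and the request carries no `audience`.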