The getTokenSilently() function fails with “ID token is required but missing” error

lihua.zhang · August 11, 2022, 8:27pm

Problem Statement:

The call to “getTokenSilently()” causes the error “ID token is required but missing” since the scope value which contains openid is not passed to the /token endpoint.

Basically, the refresh token call does not contain the openid scope.

Solution:

/**
 * Rule to check permissions to filter user scopes on the access token
 *
 * @param {*} user
 * @param {*} context
 * @param {*} callback
 */
function checkScopes(user, context, callback) {
  const permissions = user.permissions || [];
  context.request.body = context.request.body || {};
  context.request.query = context.request.query || {};
  let requestedScopes = context.request.query.scope || context.request.body.scope || '';
  if (context.protocol === 'oauth2-refresh-token') {
    requestedScopes = requestedScopes || 'openid profile email offline_access';
  }
  const filteredScopes = requestedScopes.split(' ').filter( function(x) {
    return x.indexOf(':') < 0;
  });

  Array.prototype.push.apply(filteredScopes, permissions);
  context.accessToken.scope = filteredScopes.join(' ');

  callback(null, user, context);
}

Topic		Replies	Views
getTokenSilently() failing with "ID token is required but missing" error Help angular	5	4915	June 2, 2020
Missing Refresh Token Error When Using getAccessTokenSilently With Params Help auth0-angular , sdks-quickstarts	2	32	October 8, 2024
scopes missing from id_token but present in access_token Help id_token	2	4001	March 2, 2018
Id_token and refresh_token are missing in the /oauth/token response Help token , id_token , rules , access_token , refresh_token	2	3413	September 20, 2019
Auth0 spa 2.x returning missing_refresh_token Help auth0 , refresh_token	27	11227	May 25, 2023

The getTokenSilently() function fails with “ID token is required but missing” error

Related Topics