User is not authorized to the audience for those scopes

Out of nowhere we started to receive “User is not authorized to the audience for those scopes” errors 5 hours ago. Nothing was changed in our infrastructure recently. Does somebody have a similar issue or any idea how to debug this?

We released a fix for this early this morning. You should no longer experience this problem. See here for more details.

Hi,

When signing up a new user, or logging in as an existing user, we are receiving a 400 with the following error body:

{"error":"invalid_scope","error_description":"User is not authorized to the audience for those scopes"}.

This was previously working without issue until this was brought to my attention this morning.

When we include only the openid scope, we get a 200, as expected. I should add, the 400 is only returned when the user_metadata or app_metadata scopes are sent.

Any help/information would be greatly appreciated.

Thanks @tobias.jone for reporting that!

I’ll investigate it and get back to you with what I found. Were you able to reproduce it again? I mean, is the issue still occurring?

Thank you!

Hi Konrad,

Luckily for our use case, we only need the openid scope for our application to function correctly - we simply removed the user_metadata scope, which consequently fixed the bug in our application.

That said, we could certainly see if the issue is still occurring when the user_metadata or app_metadata scopes are included, if that would help?

Thanks!
Tobias