Hi, I have a little problem with scopes. I have an API(C#) and a React application.
I configured authentication following the guides and everything works fine. I can call a protected endpoint from my app when i am logged. But when I try to call an endpoint with scope required it returns 403 Forbidden. When I add to Auth0Provider scope prop
<Auth0Provider domain={domain} clientId={clientId} redirectUri={window.location.origin} onRedirectCallback={onRedirectCallback} audience={audience} scope = "use:everything" // does not work > {children} </Auth0Provider>
the application doesn’t even make a request to the endpoint.
I added this permision in my API settings and then assigned to my account.
I can not figure out what am I missing.
Welcome to the Auth0 Community!
I understand that you’re encountering issues using scopes with your React App.
To better assist you, could you please capture a HAR file of the request you are making that leads to the 403 Forbidden error?
In the meantime, you may find these resources useful:
- https://auth0.com/docs/quickstart/spa/react/02-calling-an-api
- https://github.com/auth0/auth0-react#call-an-api
Thank you.
1 Like
Hello, thank you for reply.
I checked my backend again and it works fine when i pass the token from Test tab. I checked the token at jwt.io and it has Scope. I also started from beginnig with react to be sure that I did everything right. But still i can call only secured endpoints without scope
localhost_Archive [21-10-07 13-11-50].har (142.0 KB)