-
Notifications
You must be signed in to change notification settings - Fork 200
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refreshed Token does not contain requested scopes #786
Comments
@objectiveSee Can you confirm 3 things?
|
Hey @poovamraj and @Widcket, Here's answers to those questions: Is the userId set as a custom claim in the ID Token? Is it set as a part of auth0 actions?
Can you verify that the response received in the ID token has this value? |
@objectiveSee So you are saying the response received from the auth0 server doesn't have the required value? Then it has to be checked on the action implementation. If the response has the required value and it is only the SDK that is not getting it, then it has to be checked on the SDK. So are you sure the claim is not present in the server response itself? In that case we can forward this internally to the correct team. You can also raise a request in our Community. On the other hand, if you are a paid customer, you can reach out to our Developer Support team who can expedite this for you. I am not sure whether this is because the |
Sorry for the confusion @poovamraj. Let me clarify. What we are seeing is that the In the following example, the value of NOTE: user data and our team URLs are anonymized (using ChatGPT)
User value if this session started with login then
User value on subsequent app launches. Notice that the custom scope variable is missing.
|
@objectiveSee from our understanding this is because of event check here which will not be triggered for subsequent logins
And doesn't look like an SDK issue. Can you remove this check and verify? |
Thank you for the help @poovamraj. Unfortunately this change didn't fix things. I posted an issue on the Auth0 community. We are a paid account so I will try to get this escalated. In the meantime we may just cache the custom claim info so as a placeholder solution. We have a paid account, but I am not sure how to escalate an issue. https://community.auth0.com/t/missing-custom-claim-in-token/120485 |
@objectiveSee you can try as suggested here - https://auth0.com/docs/troubleshoot/customer-support/open-and-manage-support-tickets. I am assuming this is not an issue on the SDK but in the action. We will keep a look out for the support ticket if it reaches as an issue in the SDK. In which case we will reopen this ticket as well and provide updates on the solution so that the community is in the loop as well. Hope this works and we will close this issue now. You can still comment here if you need any help and we can reopen this issue if required. |
This issue was resolved. See the Auth0 ticket linked above for resolution. Thanks to everyone @ Auth0 :) |
Checklist
Description
Our app is using a custom scope
OURAPP_ID_SCOPE
inside the Auth0 token. Specifically this is used to get the userId. The token correctly contains a value for theOURAPP_ID_SCOPE
property when we do an initial login. However, when we do a refresh token we notice that the userId property is missing. We would like to be able to use theHere is some example code. See
[The Problem]
in the code. It seems that theuser
property from the Auth0 hook does not update contain the requested scope after a token refresh.Any help is much appreciated! Please let me know if I can test anything specific to help you debug. 🙏
Reproduction
user[OURAPP_ID_SCOPE]
is defineduser[OURAPP_ID_SCOPE]
is undefinedAdditional context
No response
react-native-auth0 version
3.0.0
React Native version
0.72.4
Expo version
~49.0.7
Platform
iOS
Platform version(s)
iOS Simulator 16.4
The text was updated successfully, but these errors were encountered: