Open
Description
Checklist
- I have looked into the Readme and have not found a suitable solution or answer.
- I have searched the issues and have not found a suitable solution or answer.
- I have searched the Auth0 Community forums and have not found a suitable solution or answer.
- I agree to the terms within the Auth0 Code of Conduct.
Description
Following this tutorial:
https://auth0.com/docs/quickstart/backend/golang#validate-access-tokens
validating custom claims is no longer working.
I can validate the jwt but cannot get custom claims.
Reproduction
Repoduce steps:
- Setup an auth0 api describe here: https://auth0.com/docs/quickstart/backend/golang#create-an-api
- git clone [email protected]:auth0-samples/auth0-golang-api-samples.git
- create a
.envfile in the root of the cloned project with the api from above - This token was grabbed from: https://manage.auth0.com/dashboard/us/dev-aelumhqjxjwyvowv/apis/65340d421cfbcc839d0af2ed/test
curl --request GET \ FeatureFlagging
--url http://localhost:3010/api/private-scoped \
--header 'authorization: Bearer SOME_TOKEN- response
{"message":"Insufficient scope."}
Additional context
Theres even a section that lets you examine the jwt from the dashboard but says scopes
{
"iss": "https://dev-aelumhqjxjwyvowv.us.auth0.com/",
"sub": "ZXfvxk0RCZFjwJyRkCTGp5JJi1nFaf69@clients",
"aud": "http://backend/",
"iat": 1697985763,
"exp": 1698072163,
"azp": "ZXfvxk0RCZFjwJyRkCTGp5JJi1nFaf69",
"gty": "client-credentials",
"permissions": []
}
Metadata
Metadata
Assignees
Labels
No labels