api.accessToken.addScope is not working

Question

api.accessToken.addScope is not working

victorcopque opened this issue 3 months ago · 1 comments

Checklist

The issue can be reproduced in the auth0-react sample app (or N/A).
I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
I have looked into the API documentation and have not found a suitable solution or answer.
I have searched the issues and have not found a suitable solution or answer.
I have searched the Auth0 Community forums and have not found a suitable solution or answer.
I agree to the terms within the Auth0 Code of Conduct.

Description

In the Actions flow, if you want to modify the accessToken using api.accessToken.addScope, the token remais the same. Action that I used as example:

exports.onExecutePostLogin = async (event, api) => {
    const appMetadata = event.user.app_metadata;
    var permissions = appMetadata?.authorization?.permissions;

    var requestedScopes = event.request.body.scope || event.request.query.scope;
    var parsedScopes = requestedScopes.split(" ");
  
    var allScopes = parsedScopes.concat(permissions);

    allScopes.forEach(scope => api.accessToken.addScope(scope));
};

NOTE: if you run the "same code" in Auth Pipeline > Rules, it works! 🎉

Reproduction

Create a Custom Action
Adds the new action created in the Post Login Flow
Fill the login form with your credentials
Submit Form

So if you inspect the token retrieved after login, the scopes remains unchanged

Additional context

No response

auth0-react version

2.2.4

React version

18.2.0

Which browsers have you tested in?

Chrome

Answer 1 · 2024-09-20T11:52:13.000Z

I have the same behavior, no scopes are added even though the login flow completed successfully.