Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
signin with ticket containing scopes do not return scope in response
See original GitHub issueI’m returning a ticket with a list of scopes when user signin with password flow :
var ticket = await CreateTicketAsync(request, user);
ticket.SetScopes(new[] {
OpenIdConnectConstants.Scopes.OpenId,
OpenIdConnectConstants.Scopes.Email,
OpenIdConnectConstants.Scopes.Profile,
OpenIdConnectConstants.Scopes.OfflineAccess,
});
return SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme);
but the json response doen’t contain scope property. I obtain something like that :
{"resource":"resource_server","token_type":"Bearer","access_token":"","expires_in":3600,"refresh_token":"","id_token":""}
any idea why ?
Issue Analytics
- State:
- Created 5 years ago
- Comments:6 (4 by maintainers)
Top Results From Across the Web
OAuth Scopes Best Practices
Best practices for designing OAuth scopes in real world systems and managing them at scale. Discover how to perform API Authorization using Scopes....
Read more >What Are Scopes and How Do They Relate to Claims?
Claims, not scope. If the request is for less than the full scope, the returned token contains a list of claims, and does...
Read more >AWS cognito: "Access token does not contain openid scope"
I suspect the problem originates from not specifying this scope when you authenticated and got the token. Usually you configure scopes such as ......
Read more >OAuth with specific scopes not work
Hi I follow the document here to gain access token with scopes "tickets:read users:read auditlogs:read". After oauth flow completed, ...
Read more >On The Nature of OAuth2's Scopes
The point here is that the scope is only saying to the authorization server (AS) what the app can do on the user...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Looks like a known issue caused by a recent change: https://github.com/manfredsteyer/angular-oauth2-oidc/issues/309
/cc @manfredsteyer
Closing, as I believe @manfredsteyer pushed a fixed version 🎉