I'm using Auth0 in my Node.js application and I'm facing Insufficient scope error when trying to protect any routes in my app.
I've been searching for a while and I found a bunch of similar problem, but couldn't manage to find the solution.
Essentially, in my node app I have to protect a route as follow:
const checkScopes = jwtAuthz(['read:flights']);
However, I always receive Insufficient scope error when adding the middleware to protect my route:
app.get('/api/permission', checkJwt, checkScopes, (req, res) => {
res.send({
msg: 'Your access token AND PERMISSION was successfully validated!'
});
});
Could you help me please?
you should include a second parameter called "customScopeKey" this way auth0 will use permission instead of scope to validate the user credentials.
use this:
const checkScopes = jwtAuthz(['read:flights'], { customScopeKey: "permissions" });
instead of
const checkScopes = jwtAuthz(['read:flights']);