Role-Based Access Control and Authorization Troubleshooting: Scopes Claim Not Showing the Expected Values in Auth0
Overview
Implementing Role-Based Access Control (RBAC) using the Authorization Core feature set can sometimes result in the scopes claim not showing the expected values. This occurs when a rule sets the accessToken.scope or overrides the RBAC-based authorization decisions. Resolve this issue by verifying rule configurations to ensure they do not conflict with RBAC settings.
Applies To
- Auth0
- Role-Based Access Control (RBAC)
- Authorization Core
- Troubleshooting
Cause
The scopes claim fails to display the expected values because a rule sets the accessToken.scope or overrides the RBAC-based authorization decisions. Configured authorization rules run after the RBAC-based authorization decisions are made, allowing them to override the default behavior.
Solution
How is the issue of the scopes claim not showing the expected values resolved?
Resolve the scopes claim issue by verifying the rule configurations with the following checks.
- Ensure that a rule does not set the accessToken.scope.
- Verify that configured authorization rules do not override the default behavior. Configured authorization rules run after the RBAC-based authorization decisions are made, which allows them to override the default behavior.
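One way to run the first check across many rules at once, as an added example (not Auth0's code and not part of the original article): a Node.js script that scans rule source text for writes to accessToken.scope while ignoring reads, comparisons and commented-out code. The rule objects are constructed sample data, and their name, enabled and script fields are an assumption about how the rules were exported.

```javascript
// Added example: heuristic scan of rule scripts for writes to accessToken.scope.
// Blank out comments (keeping newlines) so commented-out code is not reported
// and reported line numbers stay accurate.
function stripComments(src) {
  return src
    .replace(/\/\*[\s\S]*?\*\//g, (m) => m.replace(/[^\n]/g, ''))
    .replace(/(^|[^:])\/\/.*$/gm, '$1');
}

// Matches accessToken.scope and accessToken['scope'].
const TARGET = String.raw`accessToken\s*(?:\.\s*scope|\[\s*['"]scope['"]\s*\])`;
const SCOPE_WRITES = [
  // context.accessToken.scope = ... or += ... (but not == or ===)
  { kind: 'assignment', re: new RegExp(TARGET + String.raw`\s*\+?=(?!=)`, 'g') },
  // context.accessToken.scope.push(...) and other in-place mutations
  { kind: 'array mutation',
    re: new RegExp(TARGET + String.raw`\s*\.\s*(?:push|unshift|splice|pop|shift)\s*\(`, 'g') },
  // context.accessToken = { scope: ... }
  { kind: 'object replacement', re: /accessToken\s*=(?!=)\s*\{[^}]*\bscope\s*:/g },
];

// Returns one finding per write, with the 1-based line inside the rule script.
function findScopeWrites(rules) {
  const findings = [];
  for (const rule of rules) {
    const src = stripComments(rule.script);
    for (const { kind, re } of SCOPE_WRITES) {
      for (const m of src.matchAll(re)) {
        const line = src.slice(0, m.index).split('\n').length;
        findings.push({ rule: rule.name, enabled: rule.enabled, kind, line });
      }
    }
  }
  return findings;
}

// Constructed sample rules (hypothetical names and bodies).
const wrap = (...body) =>
  ['function (user, context, callback) {', ...body, '  callback(null, user, context);', '}'].join('\n');
const SAMPLE_RULES = [
  { name: 'add-default-scopes', enabled: true,
    script: wrap('  // replaces the RBAC result', "  context.accessToken.scope = ['read:reports'];") },
  { name: 'log-scopes', enabled: true,
    script: wrap("  if (context.accessToken.scope === undefined) console.log('none');",
                 '  // context.accessToken.scope = [];') },
  { name: 'legacy-append', enabled: false,
    script: wrap("  context.accessToken.scope.push('admin');") },
];

for (const f of findScopeWrites(SAMPLE_RULES)) console.log(f);
```

A finding on a disabled rule is still worth reviewing, since re-enabling the rule brings the override back.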