Confused about user permissions vs properties
I understand logically but not semantically. Where are permissions used natively within Kinde - if at all? They can't be sent in tokens that I can see. Only roles and properties can be placed in tokens.
4 Replies
I was going by this document and screenshot: https://docs.kinde.com/build/tokens/token-customization/
There is only a toggle for Roles array. You saying that permissions are always present? Where is that documented?
Kinde docs
Token customization
Our developer tools provide everything you need to get started with Kinde.
Hi @Chris,
No, permissions are not always present in access tokens by default. Here's what you need to know:
Including API Scopes in Permissions Claim
You need to explicitly enable permissions in your access tokens. Here's how to do it: 1
1) Go to Settings > Applications and select "View details" on the relevant application
2) Select "Tokens" in the side menu
3) Scroll to the "Token customization" section and select "Customize" on the "Access token" tile
4) Switch on "Include API scopes in the permissions claim"
5) Select "Save"
Here is the documentation on including permissions: https://docs.kinde.com/developer-tools/your-apis/user-api-scopes/#include-api-scopes-in-the-permissions-claim
Let me know if you need any further clarification!
Kinde docs
Manage API scopes for users
Our developer tools provide everything you need to get started with Kinde.
Thanks!
I'm glad I could help. Feel free to reach out if you need anything else.