K
Kinde2w ago
hsdmiranda

Why my permissions are not sent in the token?

This is the token when I decode on the jwt.io: 
{
  "aud": [],
  "azp": "d074dab197af478eaa9afbdd11bf0db4",
  "exp": 1739433708,
  "iat": 1739347308,
  "iss": "https://auth.bookengo.com",
  "jti": "bb905ce1-4709-4f6c-93f6-2be0215d17f9",
  "scp": [
    "openid",
    "profile",
    "email",
    "offline"
  ],
  "sub": "kp_077e8febb35c4aa7aba57fe445c27dd2",
  "x-hasura-external-org-id": "external_1",
  "x-hasura-org-code": "org_9fb9fa12f3a",
  "x-hasura-org-name": "Bengo",
  "x-hasura-permissions": [
    "view-organizations",
    "organizations:impersonate"
  ],
  "x-hasura-roles": [
    {
      "id": "0194421f-b9e2-4279-f158-bb6c4c04a664",
      "key": "system-admin",
      "name": "system-admin"
    },
    {
      "id": "01944220-b3b1-e0b9-5f39-68b2ec5bfc2d",
      "key": "org-admin",
      "name": "org-admin"
    }
  ]
}
{
  "aud": [],
  "azp": "d074dab197af478eaa9afbdd11bf0db4",
  "exp": 1739433708,
  "iat": 1739347308,
  "iss": "https://auth.bookengo.com",
  "jti": "bb905ce1-4709-4f6c-93f6-2be0215d17f9",
  "scp": [
    "openid",
    "profile",
    "email",
    "offline"
  ],
  "sub": "kp_077e8febb35c4aa7aba57fe445c27dd2",
  "x-hasura-external-org-id": "external_1",
  "x-hasura-org-code": "org_9fb9fa12f3a",
  "x-hasura-org-name": "Bengo",
  "x-hasura-permissions": [
    "view-organizations",
    "organizations:impersonate"
  ],
  "x-hasura-roles": [
    {
      "id": "0194421f-b9e2-4279-f158-bb6c4c04a664",
      "key": "system-admin",
      "name": "system-admin"
    },
    {
      "id": "01944220-b3b1-e0b9-5f39-68b2ec5bfc2d",
      "key": "org-admin",
      "name": "org-admin"
    }
  ]
}
9 Replies
hsdmiranda
hsdmirandaOP2w ago
I tried to follow this: https://discord.com/channels/1070212618549219328/1337057274178568202/1337311358751866921 I don't have this option: 
4) Switch on "Include API scopes in the permissions claim"
4) Switch on "Include API scopes in the permissions claim"
Ages
Ages2w ago
Sorry you are having this issue. What SDK are you using?
hsdmiranda
hsdmirandaOP2w ago
I was using an example of Refine dev. And they use a library that is quite old, I see now. https://github.com/hirenf14/refine-auth-kinde-react
GitHub
GitHub - hirenf14/refine-auth-kinde-react: AuthProvider for Refine ...
AuthProvider for Refine with Kinde integration. Contribute to hirenf14/refine-auth-kinde-react development by creating an account on GitHub.
hsdmiranda
hsdmirandaOP2w ago
Might that be the issue? I see it uses 
    "@kinde-oss/kinde-auth-react": "^3.0.21"
    "@kinde-oss/kinde-auth-react": "^3.0.21"
Ages
Ages2w ago
That could be the issue. Especially if it is not up to date with our latest SDK version. I recommend updating to use our SDK. Note also that a new React SDK package will be made available in a week or so. It's a sizeable update, so you may want to wait for it. Let us know if you have any other questions.
hsdmiranda
hsdmirandaOP5d ago
Hey, I upgraded to the latest version, but I am still not getting the permissions in the token. Not sure what else I can try
Ages
Ages5d ago
As I said the React package is being updated but has not been released yet - so our latest is not the new version yet. We are hoping later this week. In the meantime, just checking you have seen this section of the docs about helper functions and permissions in tokens https://docs.kinde.com/developer-tools/sdks/frontend/react-sdk/#user-permissions Re the option to switch on "Include API scopes in the permissions claim" You should be able to do this if you open your application in Kinde, go to Tokens, then scroll to the Access token tile and click Customize. This should be the top option you see. Let me know how you go.
hsdmiranda
hsdmirandaOP4d ago
I don't have the option to include permissions in the token. I also check the docs, it is just not there
No description
Ages
Ages4d ago
I'm going to refer this to a team member to troubleshoot for you. Hi,

It looks like your permissions are already included under x-hasura-permissions, which suggests that Hasura mapping is enabled. Please review your Hasura authentication settings to confirm if this is the expected behavior.

Let me know if this helps or if you need further assistance

Did you find this page helpful?