[英]Auth0 - why insufficient scope and what to do with it?
我正在尝试使用Auth0进行身份验证并获取用户数据。
import json
import requests
payload = {
'grant_type': 'password',
'username': '********',
'password': '********',
'client_id': '********',
'connection': 'Username-Password-Authentication',
'scope': 'openid'
# 'scope': 'openid, read:clients, read:client_keys'
# 'scope': 'read:clients'
}
base = 'https://********.auth0.com'
url = base + '/oauth/ro'
response = requests.post(url, data=payload)
response = json.loads(response.content)
headers = {"Authorization": "bearer " + response["id_token"]}
response = requests.get(base + '/api/v2/clients/joebloggs', headers=headers).json()
print response
我不断得到的是
{u'errorCode': u'insufficient_scope', u'message': u'Insufficient scope, expected any of: read:clients,read:client_keys', u'error': u'Forbidden', u'statusCode': 403}
到底是哪里错了,该怎么办?
您不能将id_token
用于Auth0 API。 您需要针对API(v2)的特定令牌(在您的情况下,您需要read:client
范围)。 看到这里: https : //auth0.com/docs/api/management/v2
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.