Issue with exchangeOAuthCodeForAccessToken Returning Scope Error in @fusionauth/typescript-client 1.54.0

roopesh · 9 Dec 2024, 12:54

I am using the @fusionauth/typescript-client library and leveraging the exchangeOAuthCodeForAccessToken function to retrieve the access token, followed by the retrieveUserInfoFromAccessToken function to obtain user details in my application backend.

The setup involves a SAML v2 IdP-initiated configuration for Okta as the identity provider.

In version 1.54.0, the exchangeOAuthCodeForAccessToken function is returning the following error:
"The provided Access Token did not contain the required [openid] scope."

However, this functionality works perfectly in version 1.49.2.

Has anyone encountered this issue or know how to resolve it? Any help would be greatly appreciated.

mariahcarey1092 · 10 Dec 2024, 04:18

It looks like you're encountering an issue with the @fusionauth fnaf/typescript-client library after upgrading to version 1.54.0. The error message indicates that the access token you're receiving does not include the openid scope, which is necessary for the retrieveUserInfoFromAccessToken function to work properly.
import { FusionAuthClient } from '@fusionauth/typescript-client';

const client = new FusionAuthClient(apiKey, fusionAuthUrl);

async function authenticateUser() {
const response = await client.exchangeOAuthCodeForAccessToken(clientId, clientSecret, redirectUri, code);

if (response.successResponse) {
    const accessToken = response.successResponse.access_token;
    const userInfo = await client.retrieveUserInfoFromAccessToken(accessToken);
    console.log(userInfo);
} else {
    console.error(response.errorResponse);
}

}

sashabeauchamp8 · 12 Dec 2024, 09:53

Er9HFQOw3JCfuJHKA1mQ0VnWSp93lyJnRXi4zSN8g