Globus scopes

33 views
Skip to first unread message

Victoria Lubitch

unread,
May 22, 2024, 4:48:49 PMMay 22
to Discuss
Hello,

I have a Native Applications that tries to get an access token. I am submitting the following scopes 'openid,email,profile,urn:globus:auth:scope:transfer.api.globus.org:all' I get the UNKNOWN_SCOPE_ERROR:
requested unknown scopes: ['openid,email,profile,urn:globus:auth:scope:transfer.api.globus.org:all']I am using js-pkce library (npm) for PKCE authorization.
If I submit only urn:globus:auth:scope:transfer.api.globus.org:all  then it is working, but I also need other scopes as well.My PKCE object 
this.PkceAuth = new PKCE({
client_id: this.config.globusClientId ,  
redirect_uri: this.redirectURL
authorization_endpoint: 'https://auth.globus.org/v2/oauth2/authorize'
token_endpoint: 'https://auth.globus.org/v2/oauth2/token'
requested_scopes: 'openid,email,profile,urn:globus:auth:scope:transfer.api.globus.org:all'
});

Is it a library problem and I should switch to manually creating code_verifier and code_chalenge or is it some syntax error in requested_scopes or maybe there is a problem to have both transfer and auth scopes?

Regards,
Victoria

Josh Bryan

unread,
May 22, 2024, 4:54:09 PMMay 22
to Victoria Lubitch, Discuss
Victoria,

The error here looks like the `requested_scopes` parameter is not delimited appropriately.  Oauth2 requires that multiple scopes be sent in a space delimited query parameter rather than a comma delimited parameter.  I expect replacing the commas with spaces will get you past this issue.

Regards,
Josh

Victoria Lubitch

unread,
May 23, 2024, 11:55:50 AMMay 23
to Discuss, jo...@globus.org, Discuss, Victoria Lubitch
Thanks Josh, the space separator did solve my problem.

Regards,
Victoria

Reply all
Reply to author
Forward
0 new messages