I’m trying to use JWT authentication for a REST API. I have the verifier running but I can’t get at the things I’d like to in the token, for example the scopes. If I look in the debugger I can see that the Payload is actually an Auth0 PayloadImpl. The Impl has a ‘tree’ property that has the data I need but this isn’t a public class so I can’t cast to it. Am I missing something, is there a way to get at the scopes for example?

isn't the "scope" just in the claims?

decodedToken.getClaim("scope").asList(String.class);

should work if I'm remembering this right

The claims are empty, as is the subject

well looking at the PayloadImpl class, the claims are loaded from 'tree' so that's weird

this is what I do:

val Payload.scopes get() = this.getClaim("scope").asString().split(" ")

fun Payload.hasRequiredScope(scope: String) = this.scopes.contains(scope)

Thanks for you help guys. Turns out I was looking at the wrong thing or being an idiot or probably both. The claims are indeed there on the payload