Function requiredScopes

  • Check a token's scope claim to include a number of given scopes, raises a 403 insufficient_scope error if the value of the scope claim does not include all the given scopes.

    app.use(auth());

    app.get('/admin/edit', requiredScopes('read:admin write:admin'),
    (req, res) => { ... });

    Parameters

    • scopes: string | string[]

    Returns Handler