BA
Better Auth3mo ago
inmarity

Custom runtime scope for microsoft provider

Hi, im having trouble requesting additional scopes when signing a user in specifically using microsoft, my auth is configured like this 
  socialProviders: {
    microsoft: {
      clientId: process.env.MICROSOFT_CLIENT_ID || "",
      clientSecret: process.env.MICROSOFT_CLIENT_SECRET || "",
      tenantId: "common",
      requireSelectAccount: true,
      disableDefaultScope: true,
      disableImplicitSignUp: true,
      disableSignUp: true,
      prompt: "consent",
    },
  },
  socialProviders: {
    microsoft: {
      clientId: process.env.MICROSOFT_CLIENT_ID || "",
      clientSecret: process.env.MICROSOFT_CLIENT_SECRET || "",
      tenantId: "common",
      requireSelectAccount: true,
      disableDefaultScope: true,
      disableImplicitSignUp: true,
      disableSignUp: true,
      prompt: "consent",
    },
  },
and i have two different places where i want to either only read basic user info or also their mailbox 
await authClient.signIn.social({
  provider: "microsoft",
  errorCallbackURL: "/error",
  scopes: ["openid", "profile", "email", "User.Read", "offline_access"],
});
await authClient.signIn.social({
  provider: "microsoft",
  errorCallbackURL: "/error",
  scopes: ["openid", "profile", "email", "User.Read", "offline_access"],
});
await authClient.signIn.social({
  provider: "microsoft",
  scopes: [
    "Mail.Read",
    "Mail.Send",
    "openid",
    "profile",
    "email",
    "User.Read",
    "offline_access",
  ],
});
await authClient.signIn.social({
  provider: "microsoft",
  scopes: [
    "Mail.Read",
    "Mail.Send",
    "openid",
    "profile",
    "email",
    "User.Read",
    "offline_access",
  ],
});
but using those would result in microsoft saying "scope" param is missing
No description
Solution:
oh someone already did it: https://github.com/better-auth/better-auth/pull/3013
GitHub
fix: scope issues for Google and Microsoft by jafri · Pull Request...
For Microsoft: Allows incremental scope expansion For Google: Return all granted scopes to current key, so that signIn does not overwrite previously granted scopes in db
Jump to solution
2 Replies
inmarity
inmarityOP3mo ago
nvm, it's a bug the the package, i'll submit a fix pr
Solution
inmarity
inmarity3mo ago
oh someone already did it: https://github.com/better-auth/better-auth/pull/3013
GitHub
fix: scope issues for Google and Microsoft by jafri · Pull Request...
For Microsoft: Allows incremental scope expansion For Google: Return all granted scopes to current key, so that signIn does not overwrite previously granted scopes in db

Did you find this page helpful?