Custom claim without namespace

engmohyeldean · August 5, 2019, 4:59pm

i have this role in my roles

function (user, context, callback) {
  if(user.user_metadata){
    const namespace = 'https://mywebsite.com/';
    context.accessToken[namespace + 'role'] = user.user_metadata.role;
    context.idToken[namespace + 'role'] = user.user_metadata.role;
  }
  callback(null, user, context);
}

when i remove the name space it not work when i add it it work
how to remove name space and make it work
i need to get the role in the token

mathiasconradt · August 5, 2019, 6:15pm

Removing the namespace from custom claims isn’t possible, because:

they must conform to a namespaced format to avoid possible collisions with standard OIDC claims.

(see OpenID Connect Scopes)

and roles, as opposed to the permissions claim when enabling RBAC core, aren’t available as root claims for access tokens (or ID tokens).

What’s the reason that you need the roles claim as root claim? Is it because the SDK you’re using to validate token and claims expects the roles to be exactly there, as root claims? Any additional context is helpful to understand your use case and need for this a bit better.

system · August 20, 2019, 6:15pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Custom claims and namespaces Help	3	5684	November 18, 2019
Why custom rules's namespace has to be my tenant url Help auth0	3	5911	March 6, 2020
How to make roles a key in JSON rather than namespace - accessing custom claims from NodeJS/Express using Actions Help	2	1939	April 22, 2022
Rule with blank namespace stopped working for two days then started working again Help	4	4313	April 20, 2020
Non-namespaced custom claims in app_metadata or user_metadata Help token-info-tokeninfo , deprecations	5	1453	February 20, 2023

Custom claim without namespace

Related Topics