I trying to use Auth0 Rules to modify the JWT access token generated at login. I am using SPA PKCE flow for authentication.
The issue I’m running into is that not all custom keys attached to the access token are getting added to the final token.
For example, I can add keys with a namespace weblink like https:://www.example.com/mykey or something similar, however without a web-like link, if I try setting for myKey directly, it does not add to the access token I receive in my browser.
Following is the pattern I found:
- https://www.example.com/mykey – works
- https://www.somsite.com/mykey – works
- http://localhost:3000/mykey – works
- https://mykey – works
- https:mykey – works
- https_mykey – does not work
- https-mykey – does not work
- mykey – does not work
- ://mykey – does not work
- https//mykey – does not work
Is there a reason why only keys starting with http: or https: is working?
Can this support regular key names?