Auth0 Home Blog Docs

Accessing Auth Extension Metadata in User Profile

user-metadata
auth
user-profile

#1

We are having the most frustrating experience with the Authorization Extension.

We were able to access the groups, roles, and permissions in the app_metadata section of /userinfo on Monday October 2nd. When giving a client demo on October 3rd, we were no longer getting app_metadata. The working code was sending in a scope of openid profile.

While troubleshooting, we came across this post in the community with other users reporting the same issue. We noticed in the code sample from @jmangelo that he was using scope=openid+profile+email. We updated our code to the same, and it began returning the expected profile again. I shared this feedback with @abhishek.hingnikar on a concierge call on October 13th.

In this week’s demo, the userinfo is again not returning the groups, roles, or perms in the app_metadata when sending openid profile or openid+profile. It was quite embarrassing for us.

Here is the real kicker- when we use the “Try All Rules” in the dashboard for Rules, we get exactly what we expect- the user profile with the groups, roles, perms in the app_metadata.

Please help.


#2