Auth0 Home Blog Docs

Accessing Auth Extension Metadata in User Profile



We are having the most frustrating experience with the Authorization Extension.

We were able to access the groups, roles, and permissions in the app_metadata section of /userinfo on Monday October 2nd. When giving a client demo on October 3rd, we were no longer getting app_metadata. The working code was sending in a scope of openid profile.

While troubleshooting, we came across this post in the community with other users reporting the same issue. We noticed in the code sample from @jmangelo that he was using scope=openid+profile+email. We updated our code to the same, and it began returning the expected profile again. I shared this feedback with @abhishek.hingnikar on a concierge call on October 13th.

In this week’s demo, the userinfo is again not returning the groups, roles, or perms in the app_metadata when sending openid profile or openid+profile. It was quite embarrassing for us.

Here is the real kicker- when we use the “Try All Rules” in the dashboard for Rules, we get exactly what we expect- the user profile with the groups, roles, perms in the app_metadata.

Please help.