Auth0 Home Blog Docs

accessToken vs idToken regarding /userinfo

#1

Hello,

I have written a rule that add some information after successfull login, roles (added in app_metadata and id token) exactly like in this sample https://auth0.com/rules/roles-creation
Starting from sample https://auth0.com/rules/add-country, I updated it to do something similar than with role for country and timezone but instead of app_metadata I added them in user_metadata and instead of id token I added them in access token.
When I call /userinfo endpoint with scope email and profile, I only have roles and other profile info (from social provider), but not country neither timezone.
How can we get user_metadata content return from /userinfo (with OIDC) ?

If possible I’d like to have timezone returned as zoneinfo in order to be compliant to OIDC standard

Last question is it possible to return same json from /userinfo for users that ca in signup using social provider and users signup in databases (in this case they fiill their profile manually in a custom form ) ?

Thanks
Arnaud

#2

I did some tests about that, in rules when I add things in idToken like for example timezone
context.id[‘zoneinfo’]
timezone is added in id token and also given when called /userinfo endpoint
But when I add things in access token
context.accessToken[‘zoneinfo’]
timezone is not added from infos returned by /userinfo
I do not want timezone in id token, I just want timezone returned from /userinfo how can I do thant ?

#3

I realize my question is not clear enough, and except for the question raised here How having /userinfo profile information without "messing" with idtoken, I manage to have things I needed working by myself so this question is not valid anymore

#4

Thanks a lot for letting us know!

closed #5

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.