Add Custom Claims to User Profile (User / App Metadata)

I want to send the client some additional info in the user profile. I created the following rule:

function (user, context, callback) {
user.app_metadata = user.app_metadata || {};
user.app_metadata.test = “some value”;

auth0.users.updateAppMetadata(user.user_id, user.app_metadata)
  .then(function() {
    let namespace = 'https://mysite.com/';
    context.idToken[namespace + 'app_metadata'] = user.app_metadata;
    callback(null, user, context);
  })
  .catch(function(err) {
    callback(err);
  });

}

However, instead of receiving this (which I expected):

{
  app_metadata: {
   test: "some value"
  }
  nickname: "afaafa11fdf"
  name: "afaafa11fdf@bob.com"
}

I receive this:

{
  https://mysite.com/app_metadata: {
    test: "some value" 
  }
  nickname: "afaafa11fdf"
  name: "afaafa11fdf@bob.com"
}

I have been following these guidelines here.

That’s all as expected and also as described in the documentation, which states:

Note that the user_id property is sent as sub in the ID Token, and that favorite_color and user_metadata are not present in the OIDC response from Auth0. This is because OIDC does not define standard claims to represent all the information in this user’s profile. We can, however, define a non-standard claim by namespacing it through a rule:

Since app_metadata and user_metadata isn’t a standard OIDC claim, it needs to go into a custom claim, which is always returned with the whole namespace / namespace URL.

However, instead of receiving this (which I expected):

This is just how it’s stored on Auth0 user store end, but not as it’s returned in the ID token. Just as the docs state: “This would be the profile stored by Auth0: […]” - that’s not the same format as what is returned in the ID Token.

1 Like

Alright thank you, I misunderstood this then!

2 Likes

Glad you understand it now. Thanks @mathiasconradt for providing the clarification!

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.