Add email to initial token?

Hello Everyone,

Is there any way to get the email in the initial token so I do not have to do another request to domain/userinfo to get the email? I am reaching too many requests limit…

I found this url linked when someone else asked the same question:

However, from my understanding, the email is supposed to already be in token, but it is not…

(using angular with the angular quickstart code)

Cheers,
HD

Hey there @hd2200,

Welcome to the Community!

You may have to request the email scope to let the server know that you would like email and email_verified claims in the id token. You have checked the response when you use the getIdTokenClaims method?

Let me know,
Dan

Hi Dan,

I am already requesting it:

scope: ‘openid profile email’

Result (censored):

{
  "alg": "RS256",
  "typ": "JWT",
  "kid": ""
}

{
  "iss": "https://.auth0.com/",
  "sub": "auth0|",
  "aud": [
    "https://",
    "https://.auth0.com/userinfo"
  ],
  "iat": ,
  "exp": ,
  "azp": "",
  "scope": "openid profile email"
}

Maybe I am misunderstanding something?

The scopes you’re requesting, openid profile email have an affect on the ID token, not the access token (what you’re showing above is the access token, see token docs for general info). The email claim will be added to the ID token, not the access token.

If you need the info in the access token as well, you should add this via Rule as custom claim.

1 Like

Ok, thank you for confirming. I will try to do that using custom claims.

It was a lot easier than I tought, its too bad I spent HOURS looking for this before asking you guys :smiley:
If anyone else is a noob like me and strugling, add this as a new rule under rules:

context.accessToken[‘https://YOURDOMAIN/claims/email_verified’] = user.email_verified;
context.accessToken[‘https://YOURDOMAIN/claims/email’] = user.email;

Thanks everyone :slight_smile:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.