Adding metadata to jwt token

Hi
I’m trying to get the meta data returned in the decoded jwt.
i have created a rule similar to the one detailed in this post.

my rule looks like;

function (user, context, callback) {
console.log(‘user_metadata:’+user.user_metadata);
var namespace = ‘http://localhost:3000/’;
context.accessToken[namespace + ‘user_authorization’] = {
user_metadata : user.user_metadata
};
return callback(null, user, context);
}

when i login and decode the token i do not see the user_metadata in the payload.

i’m i misunderstanding something or is there an error in the rule.

Thanks for any help.

@patassell, Welcome to the Auth0 Community!

The rule looks okey to me, few things to keep in mind, make sure your user profile is populated with
user metadata which you have already printed so that is good. Second point which token are you verifying with(there are variations for ID token and Access token)? You can also add this metadata in the Id token so that you are covering both the tokens

context.idToken[namespace + "user_authorization"] = {
	user_metadata : user.user_metadata
	}; 

Also if you are checking access token make sure you don’t have an opaque access token(without audience). Make sure to add audience.

Let me know if this helps!

1 Like

Ah yes. I was adding the metadata to the accessToken, but using the id_token.
my function now looks like this …

function (user, context, callback) {
console.log(‘user_metadata:’+user.user_metadata);
var namespace = ‘http://localhost:3000/’;
context.idToken[namespace + “user_authorization”] = {
user_metadata : user.user_metadata
};
return callback(null, user, context);
}

and works like a charm.

Thanks very much for the reply.

If i attempt to then add the user.roles they don’t show up in the jwt. ?

function (user, context, callback) {
console.log(‘user_metadata:’+user.user_metadata);
var namespace = ‘http://localhost:3000/’;
context.idToken[namespace + “user_authorization”] = {
user_metadata : user.user_metadata,
roles: user.roles,
};
return callback(null, user, context);
}

is that because i’m on the free tier ?

i tried enabling the auth extension as described here…

any help greatly appreciated.