Hi
I’m trying to get the meta data returned in the decoded jwt.
i have created a rule similar to the one detailed in this post.
I want the app_metadata we’ve configured for a user to show up in the JWT claims. I’m testing with sandbox.it.auth0.com and Authentication API Debugger but can’t seem to get the extra info added to the id_token.payload. Here’s the rule that’s running in the sandbox:
module.exports = function(client, scope, audience, context, cb) {
var access_token = context.access_token || {};
access_token.scope = scope;
access_token'https://blah.com/foo'] = 'bar';
cb(null, access_token);
};
Any help w…
my rule looks like;
function (user, context, callback) {
console.log(‘user_metadata:’+user.user_metadata);
var namespace = ‘http://localhost:3000/ ’;
context.accessToken[namespace + ‘user_authorization’] = {
user_metadata : user.user_metadata
};
return callback(null, user, context);
}
when i login and decode the token i do not see the user_metadata in the payload.
i’m i misunderstanding something or is there an error in the rule.
Thanks for any help.
patassell:
console.log(‘user_metadata:’+user.user_metadata);
var namespace = ‘http://localhost:3000/’ ;
context.accessToken[namespace + ‘user_authorization’] = {
user_metadata : user.user_metadata
};
return callback(null, user, context);
@patassell , Welcome to the Auth0 Community!
The rule looks okey to me, few things to keep in mind, make sure your user profile is populated with
user metadata which you have already printed so that is good. Second point which token are you verifying with(there are variations for ID token and Access token)? You can also add this metadata in the Id token so that you are covering both the tokens
context.idToken[namespace + "user_authorization"] = {
user_metadata : user.user_metadata
};
Also if you are checking access token make sure you don’t have an opaque access token(without audience). Make sure to add audience.
Let me know if this helps!
1 Like
Ah yes. I was adding the metadata to the accessToken, but using the id_token.
my function now looks like this …
function (user, context, callback) {
console.log(‘user_metadata:’+user.user_metadata);
var namespace = ‘http://localhost:3000/ ’;
context.idToken[namespace + “user_authorization”] = {
user_metadata : user.user_metadata
};
return callback(null, user, context);
}
and works like a charm.
Thanks very much for the reply.
If i attempt to then add the user.roles they don’t show up in the jwt. ?
function (user, context, callback) {
console.log(‘user_metadata:’+user.user_metadata);
var namespace = ‘http://localhost:3000/ ’;
context.idToken[namespace + “user_authorization”] = {
user_metadata : user.user_metadata,
roles: user.roles,
};
return callback(null, user, context);
}
is that because i’m on the free tier ?
i tried enabling the auth extension as described here…
any help greatly appreciated.
system
Closed
September 30, 2020, 8:15am
5
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.