I have seen in other discussions, that rules are not executed when fetching tokens via the client_credentials flow. In our case, we use the Resource Owner Password Flow to retrieve tokens from the tenant. Can anyone give me some suggestions, how we can extend the token? Infos we would like to have in there would be roles or things like the user_metadata. In the documentation it says, that hooks can be used for this, but in the corresponding hook ( Client Credentials Exchange), I can’t see anything related to the user.
module.exports = function(client, scope, audience, context, cb)
Here I can modify the access_token, but where do I get the user-information? Is this even possible in auth0?