Adding user's claims to JWT

jmangelo · January 14, 2020, 4:16pm

With that rule you are only adding claims to the ID token which is the token the client application validates and extracts user information from.

If the API that will be called with the access token will also need equivalent information you can update the rule to also perform the following:

context.accessToken[‘https://AuthSpa.com/roles’] = user.app_metadata.roles;
context.accessToken[‘https://AuthSpa.com/employeeid’] = user.app_metadata.employeeid || ‘na’;

The above includes the same two custom claims into the access token due to the use of context.accessToken. The API that validates this access token can then extract this information.

Topic		Replies	Views
Angular Access Token Custom Claims Get Help jwt , auth0 , login , custom-claims	4	2599	October 13, 2022
Custom Claims in the Access Token Get Help	3	3676	October 22, 2020
Creating a login endpoint for asp.net api JWT.io jwt , auth0 , api	5	4443	December 17, 2018
Angular SPA with ASP.NET API and SSO Get Help angular-2 , sso , spa , aspnet-core , aspnet	7	7953	March 2, 2018
How add additional claim after login? JWT.io auth0 , aspnet-core	3	4142	January 5, 2019

Adding user's claims to JWT

Related topics