Additional user information

is it possible to save additional users information on auth0 end? I need to designate each user with an access type that determines the resources made available to the users.

Any flow guidelines to achieve this?

Currently, I need to do a 3 step flow to finally reach out to my API end points for data.

  1. to hit autho0 Token end points to get the access tokens
  2. use the access tokens to hit an end point in my API to get the user type
  3. then take this user type to hit the actual data end points.

I need to reduce this to 2 step process.


You can use user metadata (Understand How Metadata Works in User Profiles), in particular, for this situation the app_metadata seems to be the most suitable as I believe that the access type you mention should not be directly editable by the end-users themselves.

If you’re then requesting an access token for an API you configured at Auth0, then the access token will currently use the JWT format and you can add a custom claim to it containing the user access type. See OpenID Connect Scopes.

Thank you. Can you tell how to read the app meta data from the token.
I added 2 keys under app meta data under Client from dashboard.
But when the accesstoken is generated, I do not see meta data information in there. Is it possible to show these under the access token. I need to read these keys from my web API.

1 Like

OK finally i solve it by doing the following :
1.go to your dashboard on rules
3.add new rule ( empty rule )
4.copy/past this script
Note don’t use your auth0 app domain ,use your original domain

   function (user, context, callback) {
  var namespace = '';   
   if (context.idToken && user.user_metadata) {
    context.idToken[namespace + 'user_metadata'] = user.user_metadata;
  if (context.idToken && user.app_metadata) {
    context.idToken[namespace + 'app_metadata'] = user.app_metadata;
  callback(null, user, context);

6. you will receive the user_metadata with
((ClaimsIdentity)User.Identity) this is in C# :

string userMetadata = ((ClaimsIdentity)User.Identity).FindFirst("")?.Value;

1 Like

Thanks a lot @samer13us for sharing it with the rest of the community!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.