Is it possible to save additional user information on the Auth0 end? I need to designate each user with an access type that determines the resources made available to the users.
Any flow guidelines to achieve this?
Currently, I need to do a 3 step flow to finally reach out to my API end points for data.
- to hit Auth0 Token end points to get the access tokens
- use the access tokens to hit an end point in my API to get the user type
- then take this user type to hit the actual data end points.
I need to reduce this to 2 step process.
Thanks
You can use user metadata (Understand How Metadata Works in User Profiles), in particular, for this situation the app_metadata seems to be the most suitable as I believe that the access type you mention should not be directly editable by the end-users themselves.
If you’re then requesting an access token for an API you configured at Auth0, then the access token will currently use the JWT format and you can add a custom claim to it containing the user access type. See OpenID Connect Scopes.
Thank you. Can you tell me how to read the app metadata from the token?
I added 2 keys under app metadata under Client from the dashboard.
But when the access token is generated, I do not see the metadata information in there. Is it possible to show these under the access token? I need to read these keys from my web API.
OK, finally I solved it by doing the following:
1. Go to your dashboard
2. Click on Rules
3. Add a new rule (empty rule)
4. Copy/paste this script
Note: don't use your Auth0 app domain, use your original domain
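```js
function (user, context, callback) {
  // Prefix that namespaces the custom claims
  var namespace = 'https://www.originaldomain.com/';
  // Copy user_metadata into the ID token as a namespaced claim
  if (context.idToken && user.user_metadata) {
    context.idToken[namespace + 'user_metadata'] = user.user_metadata;
  }
  // Copy app_metadata into the ID token as a namespaced claim
  if (context.idToken && user.app_metadata) {
    context.idToken[namespace + 'app_metadata'] = user.app_metadata;
  }
  callback(null, user, context);
}
```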
5. Save
6. You will receive the user_metadata with ((ClaimsIdentity)User.Identity); this is in C#:
```csharp
string userMetadata = ((ClaimsIdentity)User.Identity).FindFirst("https://www.originaldomain.com/user_metadata")?.Value;
```
Thanks a lot @samer13us for sharing it with the rest of the community!
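The original question was about getting the access type into the access token so the API can read it in one call. The sketch below is an added example, not code from any poster in this thread: it uses the same rule signature, but writes a single namespaced claim to `context.accessToken` taken from `app_metadata` only. The namespace URL, the `access_type` key and the list of allowed types are assumptions, and the API-side function assumes the token's signature, issuer and audience were already verified.

```javascript
// Added example with constructed names: NAMESPACE, access_type, ALLOWED_TYPES.
const NAMESPACE = 'https://api.example.com/';        // assumption: your own domain
const ALLOWED_TYPES = ['admin', 'editor', 'viewer']; // assumption: types your API knows

// Rule body: copy only the access type from app_metadata into the access token.
// In the dashboard this would be an anonymous function with the constants inside.
function addAccessTypeClaim(user, context, callback) {
  const meta = user.app_metadata || {};
  if (!ALLOWED_TYPES.includes(meta.access_type)) {
    // Fail closed: a user without a recognised type gets no token.
    return callback(new Error('user has no valid access_type'));
  }
  context.accessToken = context.accessToken || {};
  // One narrow claim instead of the whole app_metadata object.
  context.accessToken[NAMESPACE + 'access_type'] = meta.access_type;
  callback(null, user, context);
}

// API side: read the claim from an already-verified token payload.
// Anything outside the allow-list is treated as "no access type".
function accessTypeFromClaims(payload) {
  const value = payload[NAMESPACE + 'access_type'];
  return ALLOWED_TYPES.includes(value) ? value : null;
}

// Local harness: run the rule on a constructed user, return what it produced.
function runRule(user) {
  let result = null;
  addAccessTypeClaim(user, { accessToken: {} }, (err, _user, ctx) => {
    result = err ? { error: err.message } : { claims: ctx.accessToken };
  });
  return result;
}

// Constructed sample users: the second has the type only in user_metadata,
// which end users can edit, so the rule ignores it.
const ok = runRule({ app_metadata: { access_type: 'editor', internal_note: 'x' } });
const bad = runRule({ user_metadata: { access_type: 'admin' } });
console.log(ok, bad);
```
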