is it possible to save additional users information on auth0 end? I need to designate each user with an access type that determines the resources made available to the users.
Any flow guidelines to achieve this?
Currently, I need to do a 3 step flow to finally reach out to my API end points for data.
to hit autho0 Token end points to get the access tokens
use the access tokens to hit an end point in my API to get the user type
then take this user type to hit the actual data end points.
You can use user metadata (Understand How Metadata Works in User Profiles), in particular, for this situation the app_metadata seems to be the most suitable as I believe that the access type you mention should not be directly editable by the end-users themselves.
If you’re then requesting an access token for an API you configured at Auth0, then the access token will currently use the JWT format and you can add a custom claim to it containing the user access type. See OpenID Connect Scopes.
Thank you. Can you tell how to read the app meta data from the token.
I added 2 keys under app meta data under Client from dashboard.
But when the accesstoken is generated, I do not see meta data information in there. Is it possible to show these under the access token. I need to read these keys from my web API.
OK finally i solve it by doing the following :
1.go to your dashboard
2.click on rules
3.add new rule ( empty rule )
4.copy/past this script
Note don’t use your auth0 app domain ,use your original domain
function (user, context, callback) {
var namespace = 'https://www.originaldomain.com/';
if (context.idToken && user.user_metadata) {
context.idToken[namespace + 'user_metadata'] = user.user_metadata;
}
if (context.idToken && user.app_metadata) {
context.idToken[namespace + 'app_metadata'] = user.app_metadata;
}
callback(null, user, context);
}
5.Save
6. you will receive the user_metadata with ((ClaimsIdentity)User.Identity) this is in C# :