Auth0 Home Blog Docs

ASP.NET Web API2 Framework 4.5.2 access app_metadata



I can’t figure out how to access app_metadata property in my controller (ASP.NET WebAPI 2) .
I added CMP_KEY in app_metadata for all users…

Here is what I’ve tried so far:
//get userID from access_token(WORKS !):
var claimsIdentity = User.Identity as ClaimsIdentity;
string userID = claimsIdentity.Claims.FirstOrDefault(c => c.Type == System.IdentityModel.Claims.ClaimTypes.NameIdentifier).Value;
//get CMP_KEY from Auth0 app_metadata (NOT WORKING - ALWAYS Null)
string lc_cmp_key = claimsIdentity.Claims.FirstOrDefault(c => c.Type == “”)?.Value;
string lc_cmp_key2 = claimsIdentity.Claims.FirstOrDefault(c => c.Type == “CMP_KEY”)?.Value;
string lc_cmp_key3 = ClaimsPrincipal.Current.FindFirst(“CMP_KEY”)?.Value;

Any help appreciated !


Have in mind that you should add the custom claims you want to be available in the access token through rules; it is not enough to add a property to the app_metadata. From the provided information it is not clear if you really setup the rule or not.

I tried with my local environment which is running ASP .NET Web API 2 in OWIN and it worked as expected.

In particular, if I added the following rule to the list of rules to be executed:

function (user, context, callback) {
  context.accessToken""] = "CMP01";
  callback(null, user, context);

Proceeded to perform an end-user login that requested an access token for my API (used a resource owner password credentials grant for simplicity) I obtained an access token with this payload:

  "": "CMP01",
  "iss": "https://[your_domain]",
  "sub": "auth0|5a2532444778270fa",
  "aud": "",
  "iat": 1512387660,
  "exp": 1512474060,
  "azp": "kPtiQTNwnhwqEwYFQ2NFtfUiIG",
  "scope": "read:values create:values",
  "gty": "password"

Finally, after configuring the API to process the access token issued by my Auth0 service and adding the authorize attribute to my controller I was able to access my custom claim using:

string key = ClaimsPrincipal.Current.Claims.FirstOrDefault(c => c.Type == "")?.Value;