I can’t figure out how to access app_metadata property in my controller (ASP.NET WebAPI 2) .
I added CMP_KEY in app_metadata for all users…
Here is what I’ve tried so far:
//get userID from access_token(WORKS !):
var claimsIdentity = User.Identity as ClaimsIdentity;
string userID = claimsIdentity.Claims.FirstOrDefault(c => c.Type == System.IdentityModel.Claims.ClaimTypes.NameIdentifier).Value;
//get CMP_KEY from Auth0 app_metadata (NOT WORKING - ALWAYS Null)
string lc_cmp_key = claimsIdentity.Claims.FirstOrDefault(c => c.Type == “https://my_domain.com/CMP_KEY”)?.Value;
string lc_cmp_key2 = claimsIdentity.Claims.FirstOrDefault(c => c.Type == “CMP_KEY”)?.Value;
string lc_cmp_key3 = ClaimsPrincipal.Current.FindFirst(“CMP_KEY”)?.Value;
Any help appreciated !
Have in mind that you should add the custom claims you want to be available in the access token through rules; it is not enough to add a property to the app_metadata
. From the provided information it is not clear if you really setup the rule or not.
I tried with my local environment which is running ASP .NET Web API 2 in OWIN and it worked as expected.
In particular, if I added the following rule to the list of rules to be executed:
function (user, context, callback) {
context.accessToken"https://example.com/CMP_KEY"] = "CMP01";
callback(null, user, context);
}
Proceeded to perform an end-user login that requested an access token for my API (used a resource owner password credentials grant for simplicity) I obtained an access token with this payload:
{
"https://example.com/CMP_KEY": "CMP01",
"iss": "https://[your_domain].auth0.com/",
"sub": "auth0|5a2532444778270fa",
"aud": "https://dotnetowinapi.example.com",
"iat": 1512387660,
"exp": 1512474060,
"azp": "kPtiQTNwnhwqEwYFQ2NFtfUiIG",
"scope": "read:values create:values",
"gty": "password"
}
Finally, after configuring the API to process the access token issued by my Auth0 service and adding the authorize attribute to my controller I was able to access my custom claim using:
string key = ClaimsPrincipal.Current.Claims.FirstOrDefault(c => c.Type == "https://example.com/CMP_KEY")?.Value;
1 Like