When talking about the 4-step flow of Rules on the guide page, item #4 says:
Blockquote 4. 1. The ID Token and/or Access Token is passed through the Rules pipeline, then sent to the app.
Do we have access to the Access Token from inside the Rule? I was hoping to use the AccessToken JWT to reach my API, but may have to use a generic API key if not.
I know the context object has a property called âaccessTokenâ, but thatâs just an object representing the options defined on the Access Token, like claims and scope, but not the access token itself
Hey there @miketeix!
That is correct. I checked the documentation and you indeed using context object properties have access to access token properties but not the access token itself.
Iâm getting âForbiddenâ while trying to create a Rule, any idea why?
function (user, context, callback) {
user.app_metadata = user.app_metadata || {};
context.accessToken[âaccounthq.com/tenantIdâ] = user.app_metadata.tenant;
return callback(null, user, context);
}
Hey @miketeix!
Can you send me your tenant name via private message?
I think the reason might be that the namespace needs to be in the URI format:
nailed it! Thanks man!
Perfect! Glad you have it working!