Cannot embed information in IdToken using a rule

Hi - I am trying to use a rule to include extra information in the idToken of a user. I have tried following the other examples suggested here, but nothing comes back to my SPA.

When I get the token from the network tab and paste it on jwt.io it does not contain the extra properties that I have added in the rule.

When I test the rule inside the auth0 portal I can see that my information is added to the context.idToken property.

Can anyone offer a suggestion?

Kind regards
Thomas Koch

Hey @xtmk,

Are you doing something like what is described at this link?

Do DM me your tenant name and rule name, I will have a quick look as well.

Regards,
Sidharth

Hi Sidharth - thank you for your response.

The link describes exactly what I am trying to do.

However, I just noticed that I may have overlooked an if condition that prevented the data from entering the idToken. After removing this if, I have managed to get the extra claim into the idToken.

I will give it another shot again. 🙂

Kind regards
Thomas

Great, let me know how you go!

Ok - here is what I have learned.

When embedding new properties in a token you need to use a namespace-like syntax, otherwise it will not be sent back in the idToken.

Moreover, when you create the rules you also need to be aware if you are using code that runs with a promise. I had a problem where my code invoked the callback before the idToken was enriched with the information. I initially missed that bug because my extra properties were also removed due to the missing namespace prefix.

I ended up with this:

function (user, context, callback) {
  var map = require('array-map');
  var ManagementClient = require('auth0@2.17.0').ManagementClient;
  var management = new ManagementClient({
    token: auth0.accessToken,
    domain: auth0.domain
  });

  var params = { id: user.user_id, page: 0, per_page: 50, include_totals: true };
  management.getUserPermissions(params, function (err, permissions) {
    if (err) {
      // Handle error.
      console.log('err: ', err);
      callback(err);
    } else {
      var permissionsArr = map(permissions.permissions, function (permission) {
        return permission.permission_name;
      });
      context.idToken['<your domain name here>/permissions'] = permissionsArr;
      callback(null, user, context); /* This is set when the callback returns. Do not put it at the end of the function. */
    }
  });
}
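
The two pitfalls described in the last post, reproduced in a small offline model (an added example, not part of the original thread and not Auth0's code). `runRule`, `makeRule`, `fakeManagement`, the `https://example.test/` namespace and the assumption that only URL-prefixed claim names count as namespaced are all made up for the illustration.

```javascript
// Constructed model of a rule pipeline for illustration; it is not Auth0's code.
const NAMESPACE = 'https://example.test/'; // placeholder namespace (assumption)

// Stand-in for the Management API: the call completes later, when flush() runs.
const pending = [];
const fakeManagement = {
  getUserPermissions(params, cb) {
    pending.push(() => cb(null, { permissions: [
      { permission_name: 'read:reports' },    // constructed sample data
      { permission_name: 'write:reports' }
    ] }));
  }
};
function flush() { while (pending.length) pending.shift()(); }

// Modeled issuance step: standard claims pass, custom claims only if namespaced.
const STANDARD = new Set(['sub', 'iss', 'aud', 'exp', 'iat']);
function issueIdToken(idToken) {
  const out = {};
  for (const [name, value] of Object.entries(idToken)) {
    if (STANDARD.has(name) || /^https?:\/\//.test(name)) out[name] = value;
  }
  return out;
}

// Runs a rule; the token is built from the context as it is when callback fires.
function runRule(rule) {
  const user = { user_id: 'auth0|constructed-user' };
  const context = { idToken: { sub: user.user_id } };
  let issued = null;
  rule(user, context, (err, u, ctx) => {
    if (issued === null) issued = err ? { error: String(err) } : issueIdToken(ctx.idToken);
  });
  flush(); // the async work finishes only after the rule function has returned
  return issued;
}

// Builds a rule that writes the permissions under claimName.
function makeRule(claimName, callbackInsideHandler) {
  return function (user, context, callback) {
    fakeManagement.getUserPermissions({ id: user.user_id }, (err, res) => {
      if (err) return callback(err);
      context.idToken[claimName] = res.permissions.map((p) => p.permission_name);
      if (callbackInsideHandler) callback(null, user, context);
    });
    if (!callbackInsideHandler) callback(null, user, context); // bug: fires too early
  };
}
console.log(runRule(makeRule(NAMESPACE + 'permissions', true)));
```

In this model, `makeRule(NAMESPACE + 'permissions', false)` and `makeRule('permissions', true)` both produce a token containing only `sub`, which is why either bug alone hides the other. Only the namespaced claim written before the callback reaches the issued token.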