The above snippet should be used as part of a rule as mentioned in the custom claims documentation section you linked to.
With regards to getting user identity it depends; for a client application the most common situation woud be to obtain it through the use of an ID token that will both have a claim sub that contains a unique user identifier and which also may contain OIDC claims representing user information.
For an API making use of OAuth 2.0 access tokens as authorization mechanism, the currently issued access token will be a JWT that contains a sub claim that will also uniquely identify the user. If the different types of tokens (ID tokens vs access tokens) is something that you have queries about the docs at (https://auth0.com/docs/tokens) may be useful.