I have the following code in the “fetch user profile script” of a custom social connection in Auth0:
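/**
 * Auth0 custom social connection "fetch user profile" script.
 *
 * Calls Microsoft Graph `/v1.0/me` with the user's access token and maps the
 * response onto the profile object handed back to Auth0.
 *
 * @param {string} accessToken - OAuth2 access token issued for the user.
 * @param {object} context - Extra context supplied by the caller (unused here).
 * @param {function(Error|null, object=)} callback - Node-style callback; gets
 *   `(err)` on failure or `(null, { user_id, email })` on success.
 */
function fetchUserProfile(accessToken, context, callback) {
  request.get(
    {
      url: 'https://graph.microsoft.com/v1.0/me',
      headers: {
        Authorization: `Bearer ${accessToken}`,
      },
    },
    (err, resp, body) => {
      if (err) {
        return callback(err);
      }

      // NOTE(review): the error message built here can end up in the
      // `error_description` returned to the client, so the upstream body is
      // visible outside the tenant. Log it and return a generic message if
      // that is not wanted.
      if (resp.statusCode !== 200) {
        return callback(new Error(body));
      }

      let bodyParsed;
      try {
        bodyParsed = JSON.parse(body);
      } catch (jsonError) {
        return callback(new Error(body));
      }

      // JSON.parse also accepts `null`, numbers and strings; reading `.id`
      // from `null` would throw inside this callback instead of reporting
      // the failure through `callback`.
      if (bodyParsed === null || typeof bodyParsed !== 'object') {
        return callback(new Error('Unexpected user profile response.'));
      }

      // `id` is the stable identifier for the account. Never fall back to
      // the email for user_id: `mail` and `userPrincipalName` can change.
      if (typeof bodyParsed.id !== 'string' || bodyParsed.id === '') {
        return callback(new Error('User id not found in the user profile.'));
      }

      // NOTE(review): neither `mail` nor `userPrincipalName` is a verified
      // email address. Do not set `email_verified` or link/authorize
      // accounts on this value alone.
      const candidate = bodyParsed.mail || bodyParsed.userPrincipalName;
      const email = typeof candidate === 'string' ? candidate.trim() : '';

      if (!email) {
        // Handle the case when email is missing
        return callback(new Error('Email not found in the user profile.'));
      }

      return callback(null, {
        user_id: bodyParsed.id,
        email,
      });
    }
  );
}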
I get the following error when authenticating:
{
"error": "access_denied",
"error_description": "{\"statusCode\":400,\"error\":\"Bad Request\",\"message\":\"Query validation error: 'Object didn't pass validation for format email: ' on property email (Email address to search for (case-sensitive)).\",\"errorCode\":\"invalid_query_string\"}"
}
This is what is returned by the OAuth user profile endpoint in Azure AD:
{\"@odata.context\":\"https://graph.microsoft.com/v1.0/$metadata#users/$entity\",\"businessPhones\":[\"+32 xxxxxxxx\"],\"displayName\":\"Karl xxxxxxx\",\"givenName\":\"Karl\",\"jobTitle\":null,\"mail\":\"karl@xxxxxxx.com\",\"mobilePhone\":null,\"officeLocation\":null,\"preferredLanguage\":\"en-US\",\"surname\":\"xxxxxxx\",\"userPrincipalName\":\"karl@xxxxxxx.com\",\"id\":\"6db0c3ee-9032-48fc-bdb3-915f34aaaaaa\"}
The “mail” and “userPrincipalName” properties are valid email addresses. So why do I get this error?
Any help much appreciated!