Email claim key

k-auth0 · March 21, 2021, 6:14pm

Please can I know why the key for claims - email is
https://example.com/email

konrad.sopala · March 22, 2021, 11:04am

Hey there!

I’m not sure if I understand what you’re trying to achieve, can you add more context? Thank you!

k-auth0 · March 22, 2021, 10:59pm

Hi Konrad.sopala

when token is passed to backend services, we can extract claims from JWT. They look like below

sub: auth0|somehash
aud: null
https://example.com/email: <>
azp: somethingencrypted
scope: scopes
iss: https://your auth0 account/
exp: null
iat: null

So my question is - what is “https://example.com/email”,
It is key for user email, but why that special key, instead of email?

supun · March 23, 2021, 1:59am

Hi @k-auth0,

Are you using a Rule to add custom claims to the tokens?

k-auth0 · March 23, 2021, 7:52am

Hi @supun AFAIK I did no customization. All I wanted was to identify user from JWT token.

So angular is doing the token generation, and calling endpoint. The spring needs to know who it is from JWT token. None of the keys are added by me
sub: auth0|somehash
aud: null
exp: null
iat: null
…+ everything you see

supun · March 23, 2021, 9:09am

Hi @k-auth0 ,

Thank you for the response.

Please DM me your tenant name to inspect the configurations internally.

k-auth0 · March 23, 2021, 10:02am

Someone created this script

k-auth0 · March 23, 2021, 10:07am

Now I will come back to the basics.

I want to get email from token in the backend spring service. The object I use is of type - AuthenticationJsonWebToken

Do I need to create rule? If yes, is there a proper example.
If rule not needed, then how to identify the user from token in spring backend

k-auth0 · March 23, 2021, 10:31am

@supun you did mention - sample use cases: scopes and claims

but it is too much for me …I won’t do for the sake of doing. In Postman I am specifying scopes.
what should I do in angular application, for the same? do I need to specify token options for every endpoint??

Why is the product so complicated?
why expecting to specify claims , are there nothing like default?? openid, profile, email and any scopes are added only to be passed isn’t? why again explicit?

Traditional AD Example: If a user is added to set of groups in active directory, do user has to specify those groups in every call? No. Then why this parameter - scope=openid%20profile%20email&

Step:
Initiate the authentication flow by sending the user to the authorization URL:

It asks me to configure…ok I selected a machine to machine app

why ngrok is coming - redirect_uri=https://79ff***6cd.ngrok.io&?? Cant I test using postman?

k-auth0 · March 24, 2021, 10:53am

Can I get an answer? This is not asking for customization, but “how to”
Im afraid I can’t use Auth0

Topic		Replies	Views
How to get Claims - email from JWT Help jwt , auth0 , api	7	4712	March 31, 2022
Add email to initial token? Help	6	5697	April 23, 2020
No Email in User.Claims when using JwtBearerDefaults.AuthenticationScheme Help angular , jwt , api , claims	5	5650	June 16, 2020
Rule to add user email to access token? Help	8	5689	September 16, 2021
Adding email_verified to accessToken Help rules , access-token , email-verification	4	5955	July 25, 2019

Email claim key

Related Topics