Hello @tyf ,
Thanks for your feedback. Yes, I have added user_metadata to custom claims via custom Action. (Code Snippet Below)
// Logic to Get/Set User Metadata to Access/ID Tokens
if (event.authorization) {
api.idToken.setCustomClaim(`${namespace}/givenname`, event.user.user_metadata.given_name);
api.accessToken.setCustomClaim(`${namespace}/givenname`, event.user.user_metadata.given_name);
api.idToken.setCustomClaim(`${namespace}/familyname`, event.user.user_metadata.family_name);
api.accessToken.setCustomClaim(`${namespace}/familyname`, event.user.user_metadata.family_name);
api.idToken.setCustomClaim(`${namespace}/bio`, event.user.user_metadata.bio);
api.accessToken.setCustomClaim(`${namespace}/bio`, event.user.user_metadata.bio);
api.idToken.setCustomClaim(`${namespace}/title`, event.user.user_metadata.title);
api.accessToken.setCustomClaim(`${namespace}/title`, event.user.user_metadata.title);
api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
I have also successfully pulled the User object from JWT on most of my backend APIs, but one in particular (PowerBI Embedded API) crashes when I attempt to “verifyJwt” (Code Snippets Below)
//---- I initialize the required modules here ----//
const { expressjwt: jwt } = require("express-jwt");
const jwks = require("jwks-rsa");
//---- Able to successfully access the User object on calls to my Google BigQuery endpoints ----//
var verifyJwt = jwt({
secret: jwks.expressJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: "https://my-domain.auth0.com/.well-known/jwks.json",
}),
audience: "https://my-audience.io",
issuer: "https://my-domain.auth0.com/",
algorithms: ["RS256"],
});
router.get("/bqapi", verifyJwt, bqController.bq_get_bqapi);
//--- However, my PowerBI endpoint crashes when I attempt the same process ----//
//--- Possibly due to the fact that the PowerBI endpoint is making Asynchronous calls to the PBI API and the "verifyJwt" object is blocking access? I'm not sure ----//
//---- This Works and I am able to successfully bootstrap PBI Embedded Report ----//
router.get("/pbiapi", verifyJwt, pbiController.pbi_api);
//---- This Fails and I am unable to bootstrap PBI Embedded Report ----//
router.get("/pbiapi", verifyJwt, pbiController.pbi_api);
//--- This is the error message from PBI ----//
"Uncaught SyntaxError: Unexpected token 'C', "Cannot rea"... is not valid JSON
at JSON.parse (<anonymous>)
at Object.error (index.js:76:23)
at c (jquery.min.js:2:28327)
at Object.fireWith [as rejectWith] (jquery.min.js:2:29072)
at l (jquery.min.js:2:79926)
at XMLHttpRequest.<anonymous> (jquery.min.js:2:82355)"
That’s where I am stuck. I need to send the current User object from my ReactJS frontend to NodeJS/Express backend when users login, so that I can filter PBI Report config based on user attributes (i.e. “Company Name”). But, PBI crashes when I use “verifyJwt” and I receive an “Unauthorized” error when attempting to access User metadata vis /userinfo with an access_token.
I am looking into the “Auth0 Authorization Extension” as a possible solution. Any thoughts on that extension?
Thanks,
Carlos