Getting User Information Using Go API Authorization

,

I am following the Go API: Authorization tutorial to secure my GoLang API: Auth0 Go API SDK Quickstarts: Authorization

This all works fine and I can validate a token. But ultimately I need some user information from the logged-in user, their user_id at the least. Is this something the auth0 validator library is able to handle in the process of validating the token? I was expecting some helper functionality to pull this information but I can’t find any functions in the library doing this. Or do I need to manually pull the user information myself using the token after it’s validated?

I was kind of expecting to get an ID Token from validation but that object doesn’t seem to exist for me.

So the main issue here was I was retrieving an access token with a client grant from an app so I wasn’t logged in as a user :person_facepalming:.

Once you pass an access token actually tied to a user, the user_id is available on the valid claim:

claims := r.Context().Value(jwtmiddleware.ContextKey{}).(*validator.ValidatedClaims)
claims.RegisteredClaims.Subject

I do think it would be nice if the ValidateToken method was more exposed from the library so I could call it in my middleware and define the context however I want, with the valid claims inside of my own struct. Still this is great :slight_smile:

2 Likes

Glad you have figured it out and thanks for sharing with the rest of community! I’m gonna relay that feedback to appropriate team!