Auth0 Home Blog Docs

Getting UserInfo using the Access Token


#1

Hi

I have the following scenario.
A single page Angular 6x App calling the Auth0 to authenticate. Then it calls the User info and obtains the role of the User.
This works fine as documented in the link https://auth0.com/docs/api/authentication#get-user-info

Now I need to call the API server using this access token which is in node.js and uses express. I was able to do the same and the token is received in the API server, I was able to validate the token.
Since I need to know the user’s role which is not present in the access token, I need to call the UserInfo that was done on the web app in the api server . I tried call the following url https://[myclientid].auth0.com/userinfo and passing the obtained access token in the header. What ever I do, it says Unauthorized.

I need to know what’s inside webAuth.client.userInfo(authResult.accessToken, function(err, user)) so that I can make the call manually using an existing token.

How do I use the token obtained from the web app to call the user info to obtain the user role?

If the flow is not correct, can I obtain the correct way to do this?


#2

Can you provide the code you’re using, removing any sensitive info?


#3

It a simple https get call, as of now I am using Insomnia similar to postman to try to get the userinfo.
The url is as mentioned before and the headers contain Bearer and AccessToken obtained from the Web Server.

I would like a code sample like this which obtains the access token to either get or post passing the existing Bearer token and obtain the userinfo

function getAccessToken(req, res, next){
  request
    .post('https://YOUR-AUTH0-DOMAIN.auth0.com/oauth/token')
    .send(authData)
    .end(function(err, res) {
      req.access_token = res.body.access_token
      next();
    })
}