Having spend some frustrating hours trying to get this working, working with very disparate documentation/resources and a million popup windows, here is a basic outline to update the C# API library from version 3 to version 4, if you use user_metadata and app_metadata.
The critical bits of information you need (are you have updated to the latest nuget packages) are:
Client Setup
In the Advanced settings, OAuth tab, switch on the OIDC Conformant option.
Authenticating
Use GetTokenAsync
as per the documentation.
something like:
var accessTokenResponse = await client.GetTokenAsync(new ResourceOwnerTokenRequest
{
ClientId = Auth0Settings.ClientId,
ClientSecret = Auth0Settings.ClientSecret,
Scope = "openid profile",
Realm = Auth0Settings.DatabaseConnection,
Username = model.EmailAddress,
Password = model.Password
});
then use accessTokenResponse
to get the user info (id token is no longer used)
var user = await client.GetUserInfoAsync(accessTokenResponse.AccessToken);
This result of this is now a UserInfo
object, not a User object, however elsewhere in the API Client libraries User
is still used.
Additional Client Setup
This did not work until I added the grant_types to the Client account.
(I had created a new client account, which sis not work in V3, hence upgrading, but the Client account still doesnât work out the box, you will need to âpatchâ the client account and add the grant_types)
This is done in the Management API tools, vi at the âUpdate a clientâ form, see the Answer and comments here for more info: http://community.auth0.com/questions/3944/error-grant-type-password-not-allowed-for-the-clie
Metadata and Claims:
Everything regarding creating and retrieving users with associated metadata works exactly the same, the only exception is how the metadata is returned when getting user info above, in this case the app_metadata and user_metadata is no longer returned as they are not a standard OIDC claim. In order to have these returned, you need to add these to the âAdditional Claimsâ returned in the user info as custom claims.
To return the meta data you will need to add a rule to add this metadata, I added this:
// Name: Custom Claims
function (user, context, callback) {
var namespace = 'http://brightertools.com/';
context.idToken[namespace + 'user_metadata'] = JSON.stringify(user.user_metadata);
context.idToken[namespace + 'app_metadata'] = JSON.stringify(user.app_metadata);
callback(null, user, context);
}
Then in the UserInfo
you can get the metadata JSON strings:
e.g.:
var AppMetaDataJsonString = user.AdditionalClaims.Where(x => x.Key == $"{Auth0Settings.ClaimsNamespace}app_metadata").Select(x => x.Value.ToString()).FirstOrDefault()
Impersonation
To get impersonation working, you will need to get this feature switched on for your tenant account. The impersonation details are no longer in the User info, they will need to be returned within the users claims via a rule, and you may need to update your Client grant types: see these answers for more info:
http://community.auth0.com/answers/4823/view