When I use an OIDC-generated token against userinfo, it doesn’t return identities and other claims that are considered custom under the OIDC spec. How do I get it to return this info?
You can return custom claims in the userinfo endpoint when using OIDC by adding them to the ID token via a rule.
For example, if you were to create a rule like the following:
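function (user, context, callback) {
  // Custom claims must be namespaced with a URL
  const namespace = 'https://yourdomain.url/';
  // Add the claim only when the metadata value exists
  if (user.user_metadata && user.user_metadata.example) {
    context.idToken[namespace + 'example'] = user.user_metadata.example;
  }
  // Hand the unchanged user and the updated context back to the pipeline
  callback(null, user, context);
}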
You’d then receive the contents of the example property when calling userinfo in the https://yourdomain.url/example key.
Don’t forget that with OIDC you must namespace any custom claims with a URL that doesn’t contain ‘Auth0’ or ‘webtask’.
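An added example (not part of the original answer) of the consuming side: it checks a namespace against the rule stated above and separates a userinfo response into standard OIDC claims, claims under your namespace, and anything else. The function names, the http/https scheme check and the sample response are assumptions constructed for illustration.

```javascript
// Standard claims defined by OpenID Connect Core, section 5.1.
const STANDARD_CLAIMS = new Set([
  'sub', 'name', 'given_name', 'family_name', 'middle_name', 'nickname',
  'preferred_username', 'profile', 'picture', 'website', 'email',
  'email_verified', 'gender', 'birthdate', 'zoneinfo', 'locale',
  'phone_number', 'phone_number_verified', 'address', 'updated_at',
]);

// Namespace rule from the answer: a URL that does not contain
// 'auth0' or 'webtask'. Requiring http/https is an assumption made here.
function isAllowedNamespace(ns) {
  let url;
  try {
    url = new URL(ns);
  } catch {
    return false; // not a parseable URL at all
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return false;
  return !/auth0|webtask/i.test(ns);
}

// Split a userinfo response so that only claims under the expected
// namespace are treated as the application's custom claims.
function splitUserinfo(userinfo, namespace) {
  if (!isAllowedNamespace(namespace)) {
    throw new Error('namespace not allowed: ' + namespace);
  }
  const out = { standard: {}, custom: {}, unexpected: {} };
  for (const [key, value] of Object.entries(userinfo)) {
    if (STANDARD_CLAIMS.has(key)) out.standard[key] = value;
    else if (key.startsWith(namespace)) out.custom[key.slice(namespace.length)] = value;
    else out.unexpected[key] = value; // review these before trusting them
  }
  return out;
}

// Constructed sample of a userinfo response after the rule above has run.
const sampleUserinfo = {
  sub: 'constructed|12345',
  email: 'user@yourdomain.url',
  'https://yourdomain.url/example': 'constructed-value',
  role: 'admin', // un-namespaced, so it lands in "unexpected"
};

console.log(splitUserinfo(sampleUserinfo, 'https://yourdomain.url/'));
```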
Is it possible to include custom claims in the userInfo endpoint only? If the claims are always included in both the idToken/accessToken and the userInfo endpoint, then I'm not sure why there's a need to even use the userInfo endpoint (for the OIDC conformant flow anyway).