How to add user group info as part of access token?

Tried below code for fetching group information , but I didn’t get group info as part of access token

// rule script
context.idToken[namespace + ‘/groups’] = user.groups;

Hello @selvi_ranganathan welcome to the community!

Are you by chance mistaking groups for roles? Here is an example of adding roles to tokens in the context of a Rule, and here within the context of an Action.

We recommend using Actions if you can, hope this helps :smile:

1 Like

@tyf No I just want to know how can I get which user belongs to which groups, not roles

Ahh OK gotcha! Thanks for clarifying :slight_smile: I assume you are using the Authorization Extension?

Justo clarify, the groups claim will be in the ID Token as opposed to the Access Token using the code above.

Typically, if the groups claim is not showing up in an a token it is due to a misconfiguration - There are a few steps you may want to double check if you are not receiving groups in your ID Token:

  • Configured the Authorization extension to to include groups as part of the user context.

  • Published the extension required rule, AND are sure that is placed ahead of your rule to add the groups to the ID Token.

Configuration steps are outlined here and here is an example of a role adding groups to the ID Token.

Hope this helps!

1 Like