- I am trying to get app metadata and user metadata using accesstoken by UserNameAndPassword authentication.
- But I am getting role information alone, While decoding my access token.
- Added below rule script
function (user, context, callback) {
const namespace = 'https://myapp.example.com';
const assignedRoles = (context.authorization || {}).roles;
let idTokenClaims = context.idToken || {};
let accessTokenClaims = context.accessToken || {};
idTokenClaims[`${namespace}/role`] = assignedRoles;
accessTokenClaims[`${namespace}/role`] = assignedRoles;
context.idToken = idTokenClaims;
context.accessToken = accessTokenClaims;
if (context.idToken && user.user_metadata) {
context.idToken[namespace + 'user_metadata'] = user.user_metadata;
}
if (context.idToken && user.app_metadata) {
context.idToken[namespace + 'app_metadata'] = user.app_metadata;
}
return callback(null, user, context);
}
-
Curl command
curl --request POST
–url ‘https://domain/oauth/token’
–header ‘content-type: application/x-www-form-urlencoded’
–data grant_type=password
–data username=sample@gmail.com
–data password=pwd
–data audience=https://domain/api/v2/
–data ‘client_id=bdskjafdf’
–data scope=openid profile email phone
–data client_secret=nfnkdfndndfn -
decode sample response
{
“https://myapp.example.com/role”: [
“role-a”,
“role-b”
],
“iss”: “https://domain.com/”,
“sub”: “auth0|00000000070688462”,
“aud”: [
“https://domain/api/v2/”,
“https://domain/userinfo”
],
“iat”: 164650,
“exp”: 1646050,
“azp”: “sbdkjbskjkn”,
“scope”: “openid profile email address phone read:current_user update:current_user_metadata delete:current_user_metadata create:current_user_metadata create:current_user_device_credentials delete:current_user_device_credentials update:current_user_identities”,
“gty”: “password”
}
- Need clarification What url need to be passed on rule const namespace = ‘https://myapp.example.com’;