Hi @k-auth0,
It sounds like the info your API needs should be encoded in the Access Token that Auth0 issues to your application after login.
After authentication takes place, Auth0 will issue an ID Token and an Access Token. The ID Token is used for your frontend to identify the user. The Access Token is sent as a bearer token in the authorization header with each API request. When you register your API, you can use the API Identifier as the audience for your application, then you’ll be issued a JWT for the Access Token. Your API can validate and decode the JWT to see the claims:
```json
{
  "iss": "https://yourtenant.us.auth0.com/",
  "sub": "google-oauth2|123456789",
  "aud": [
    "https://test.com",
    "https://yourtenant.us.auth0.com/userinfo"
  ],
  "iat": 1615979031,
  "exp": 1615979051,
  "azp": "Ti6gD0OcKmwbcl4khL82qYrLRqt4Yate",
  "scope": "openid profile email read:messages"
}
```
You can find libraries for validating and decoding JWTs at jwt.io.
Here is how to register an API:
Please let me know if this is the info you’re looking for! Thank you!
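
An added example, not part of the original post and not Auth0's code: the checks an API would run on the claims shown above before trusting them (signature, `iss`, `aud`, `exp`, `scope`). It assumes an HS256 token with a constructed shared secret so it runs on the standard library alone; an RS256 token would be verified against the tenant's public key instead. The function names are hypothetical.

```python
import base64, hashlib, hmac, json, time

def b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))
def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def sign(signing_input, secret):
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def make_token(claims, secret):
    """Constructed HS256 token for the demo; stands in for the one Auth0 issues."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = f"{head}.{b64e(json.dumps(claims).encode())}"
    return f"{signing_input}.{b64e(sign(signing_input, secret))}"

def validate_access_token(token, secret, issuer, audience, scope, now=None):
    """Return the claims if every check passes, otherwise raise ValueError."""
    try:
        head, body, sig = token.split(".")
        header, claims, sig = json.loads(b64d(head)), json.loads(b64d(body)), b64d(sig)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("not JSON objects")
    except Exception as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm: the token header must not choose how it is verified.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(sig, sign(f"{head}.{body}", secret)):
        raise ValueError("bad signature")
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")  # may be a single string or a list, as in the post
    auds = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
    if audience not in auds:
        raise ValueError("wrong audience")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or (time.time() if now is None else now) >= exp:
        raise ValueError("expired")
    if scope not in str(claims.get("scope", "")).split():
        raise ValueError("missing scope")
    return claims

SECRET = b"constructed-demo-secret"  # constructed value, not a real signing secret
SAMPLE_CLAIMS = {  # the claims shown in the post
    "iss": "https://yourtenant.us.auth0.com/", "sub": "google-oauth2|123456789",
    "aud": ["https://test.com", "https://yourtenant.us.auth0.com/userinfo"],
    "iat": 1615979031, "exp": 1615979051, "azp": "Ti6gD0OcKmwbcl4khL82qYrLRqt4Yate",
    "scope": "openid profile email read:messages"}
SAMPLE_TOKEN = make_token(SAMPLE_CLAIMS, SECRET)
```

The sample token's `exp` is only 20 seconds after its `iat`, so pass `now` explicitly when trying it out.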