We’ve implemented Auth0 based OAuth implementation for our ChatGPT connector (MCP based connector), but we’re unable to identify our users.
The issue is that ChatGPT’s OAuth flow isn’t requesting the openid or profile scopes during authentication, even though our Auth0 .well-known endpoint advertises them.
This results in our API receiving a valid access token from Auth0, but it’s “claims-less” — it has no sub, email, or other user data.
This seems to be a known problem with ChatGPT connectors. There are already similar questions in auth0 as well as in openai community forums ( I am not able to link them here).
Is there any workaround or configuration in Auth0 (perhaps using Actions) to force user claims into the access token, even when the client doesn’t request the standard OIDC scopes?
Thanks for any help!