How to get user information from the Laravel API side

I’ve got a Vue SPA working with a Laravel API. I’m using the implicit flow and everything works. I can authenticate the client, get tokens on the client, send them to my laravel api and authenticate against the api. No problems there.

But I cannot get the user profile information on the API side. I need it to do some checks on the user and to make sure the user is accessing the correct resources based on email address or whatever.

Tried. Auth0::getUser() but that just returns 1.

If I have a valid user with an access token, how should I get the user profile information from the OOID? (email, name, etc) Do I have to use the management API? If so, does that mean that every time I validate a token on the api side, I need to check with the management API to re-pull the credentials?

Hi @thaMink,

You have a couple of options to get a user’s information on your API side.

  • Make a request to the Authentication API’s userinfo endpoint to get the user’s profile.
  • Use the Management API’s get user by id endpoint (You might hit the management API rate limit if you are doing this a lot.)
  • Add user data to the access token in a rule with a custom claim. This one will save you the extra request, but will increase token size.

There are tradeoffs for each approach. With the first two you have to make extra requests to get user info, with the latter approach you may be increasing token size which could be a problem if you are wanting a lot of data.

Hope this helps,
Dan