How to have and what to do with /userinfo result

Hello,

With my company we are trying Auth0 and I’m a bit confused about the workflow.

I basically have the default API (Auth0 Management API) and I created a React app.
I downloaded the code and after login through email / pwd or google I can see the accessToken.

From this, if you follow the doc, you can request the endpoint mydomain.eu.auth0.com/userinfo with the previous user accessToken.

But the returned value is made of the sub info only (being for example google-oauth2|2389754561…) which is already present in the login returned value.

So, is it possible to get more information from the basic Auth0 setup (when you’re a new user), or is it a completely different configuration to do?

I’ve been looking at the doc for quite some time now and apparently you need to enable some specific scopes (on the API side?) which are openid / profile(?), but you can’t change the default API, nor do I understand why creating a new API would change the endpoint to request for /userinfo (as the doc tells you to use https://yourdomain.eu.auth0.com)

  • Nonetheless, what exactly would the scopes be? read:openid / read:profile ?

I’m really confused about it :slight_smile:

OK, I just figured out (took me quite long, haha) that this scope story actually belongs in the client request and has nothing to do with the Auth0 dashboard and management.

In the React app you get:

auth0 = new auth0.WebAuth({
  domain: AUTH_CONFIG.domain,
  clientID: AUTH_CONFIG.clientId,
  redirectUri: AUTH_CONFIG.callbackUrl,
  audience: `https://${AUTH_CONFIG.domain}/userinfo`,
  responseType: 'token id_token',
  // openid only: /userinfo returns just the sub claim
  scope: 'openid'
});

The scope needs to have the profile parameter added after openid.
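
The scope behaviour worked out above, as an added example (not code from the original post or from Auth0): it uses the standard scope-to-claims mapping from OpenID Connect Core 1.0, section 5.4, to show why `scope: 'openid'` yields only `sub` and which scopes to request for the claims an app actually needs. The function names and the sample response are constructed for illustration.

```javascript
// Scope -> claims mapping from OpenID Connect Core 1.0, section 5.4.
const SCOPE_CLAIMS = {
  profile: ['name', 'family_name', 'given_name', 'middle_name', 'nickname',
            'preferred_username', 'profile', 'picture', 'website', 'gender',
            'birthdate', 'zoneinfo', 'locale', 'updated_at'],
  email: ['email', 'email_verified'],
  address: ['address'],
  phone: ['phone_number', 'phone_number_verified'],
};

// Claims /userinfo may return for a space-separated scope string.
function claimsAllowedBy(scope) {
  const granted = new Set(scope.split(/\s+/).filter(Boolean));
  if (!granted.has('openid')) return [];   // not an OIDC request at all
  const claims = ['sub'];                  // openid alone yields only sub
  for (const [name, list] of Object.entries(SCOPE_CLAIMS)) {
    if (granted.has(name)) claims.push(...list);
  }
  return claims;
}

// Smallest scope string that unlocks the claims the app needs (least privilege).
function scopeFor(wantedClaims) {
  const scopes = ['openid'];
  for (const claim of wantedClaims) {
    if (claim === 'sub') continue;
    const owner = Object.keys(SCOPE_CLAIMS)
      .find(s => SCOPE_CLAIMS[s].includes(claim));
    if (!owner) throw new Error(`no standard scope covers claim "${claim}"`);
    if (!scopes.includes(owner)) scopes.push(owner);
  }
  return scopes.join(' ');
}

// Compare a /userinfo response with the wanted claims and name the scopes to add.
function diagnose(requestedScope, userinfo, wantedClaims) {
  const allowed = claimsAllowedBy(requestedScope);
  const missing = wantedClaims.filter(c => !(c in userinfo));
  const blocked = missing.filter(c => !allowed.includes(c));
  const addScope = blocked.length
    ? scopeFor(blocked).replace(/^openid ?/, '') : '';
  return { missing, addScope };
}

// Constructed sample: a sub-only response like the one in the post (value made up).
const sample = { sub: 'google-oauth2|000000000000' };
console.log(diagnose('openid', sample, ['name', 'picture', 'email']));
```

Requesting only the scopes returned by `scopeFor` keeps the access token from exposing profile or email data the application never reads.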