The recommendation for most cases would be to use the custom claims approach in rules; can you clarify if you tried it and you could not get the info on the token or you tried and although it worked it did not meet your requirements. If it’s the former then update the question with the sample rule code, if the latter then state what requirements could not be met with the custom claims approach.
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Difficulty Using Management API, getting token | 3 | 3098 | October 9, 2019 | |
| Adding audience to token | 5 | 6595 | January 29, 2025 | |
| Unauthorized, Bad audience for management api | 10 | 21489 | September 9, 2019 | |
| Calling Management API with idToken | 4 | 6024 | August 27, 2019 | |
| Best practices for validating access token and getting user info | 2 | 6150 | December 17, 2018 |