How to make roles a key in JSON rather than namespace - accessing custom claims from NodeJS/Express using Actions

nc14 · March 22, 2022, 10:59am

I’ve used an action to add roles my ID token using this script :


exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://my-app.example.com';
  if (event.authorization) {
    api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
  }
}

But the output of the JSON in the token is now like this :

{
  'https://localhost:3000.com/roles': [ 'user' ],
  nickname: 'test',
  name: 'test@test.com',
  picture: 'https://s.gravatar.com/avatar/b642b4217b34b1e8d3bd915fc65c4452?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fte.png',
  updated_at: '2022-03-22T14:26:31.519Z',
  email: 'test@test.com',
  email_verified: false,
  sub: 'auth0|6228c2435b5a0b00700561f1'
}

I EITHER want it to be like

roles: [‘user’]
nickname: ‘test’,
etc

So it is easier to access using req.oidc.user.roles

OR alternatively, how do I access the roles value from here in NodeJS/Express?

tyf · March 30, 2022, 4:58pm

Hey there @nc14 !

This is expected behavior and there unfortunately isn’t anyway around the requirement for namespaced custom claims currently. I have heard rumblings that this may be enabled in the future (a common ask), however I’m unable to provide any sort of timeline on that front.