How to normalize user profile in id_token?

peter.banjo · January 10, 2018, 7:37pm

I’m setting up a Single sign-on with a custom database and in Auth0 a user has a given_name, name and nickname. In our database users have a firstname and surname. What I would like to do is include some of our user properties in the id_token.

In our database connection Login script I have the following to include our firstname and surname in the Auth0 user profile -

function login(email, password, callback) {
  mongo('mongodb://user:password@mongodatabase:port/db', function (db) {
    var users = db.collection('users');
    users.findOne({ email: email }, function (err, user) {

      if (err) return callback(err);
      if (!user) return callback(new WrongUsernameOrPasswordError(email));
      bcrypt.compare(password, user.password, function (err, isValid) {
        if (err) {
          callback(err);
        } else if (!isValid) {
          callback(new WrongUsernameOrPasswordError(email));
        } else {
          callback(null, {
            user_id: user._id.toString(),
            email: user.email,
            firstname: user.firstname,
            surname: user.surname
          });
        }
      });
    });
  });
}

I can see that this information is now in the Auth0 user profile correctly. The next step is to include it in the id_token with the following rule which doesn’t seem to work -

function (user, context, callback) {
  var namespace = 'https://domain.com/';
  context.idToken = context.idToken || {};
  'firstname', 'surname'].forEach(function(item) {
    context.idToken[namespace + item] = user[item];
  });

  callback(null, user, context);
}

Can you please help me figure out what could be the problem? When I test this rule I get the following output -

The rules context is:

{
  "clientID": "123456789",
  "clientName": "MyWebApp",
  "connection": "MyDbConn",
  "connectionStrategy": "auth0",
  "protocol": "oidc-basic-profile",
  "request": {
    "query": {
      "scope": "openid"
    },
    "body": {},
    "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36",
    "ip": "X.X.X.X",
    "geoip": {
      "country_code": "AR",
      "country_code3": "ARG",
      "country_name": "Argentina",
      "region": "08",
      "city": "Federal",
      "postal_code": "3180",
      "latitude": -30.954599380493164,
      "longitude": -58.78329849243164,
      "continent_code": "SA",
      "time_zone": "America/Argentina/Buenos_Aires"
    }
  },
  "samlConfiguration": {},
  "stats": {
    "loginsCount": 5
  },
  "accessToken": {},
  "idToken": {
    "https://domain.com/firstname": "Code",
    "https://domain.com/surname": "Monkey"
  }
}

peter.banjo · January 10, 2018, 10:29pm

Does it make a difference that the identity provider I setup in Auth0 uses SAML?

konrad.sopala · August 27, 2019, 10:15am

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?

Topic		Replies	Views
How to include the username in the ID token Help	3	2112	September 30, 2021
Why does a name property in user_metadata not override name in a returned id_token? Help account-name , user_metadata	5	6340	March 2, 2018
Is it possible to replace the returned id_token in Auth0 rule Help id_token , rules	5	4653	March 2, 2018
Data format, custom attributes etc for login script return object? Help user-migration , database-connections	5	4290	August 27, 2019
How to include my own Database unique identifier in a JWT / new account that is created? Help jwt , custom-database , unique-property	3	5875	March 2, 2018

How to normalize user profile in id_token?

Related Topics