How to retrieve the user info from the session token when using Apache2 server?

Hi, I have set up all the necessary in my Apache2 server, created the protected folder and the following are my configuration:

OIDCProviderMetadataURL https://my_dev_domain.us.auth0.com/.well-known/openid-configuration
OIDCClientID my_client_id
OIDCClientSecret 'my_client_secret'
OIDCScope "openid name email"
OIDCRedirectURI https://www.example.com/protected/redirect_uri
OIDCCryptoPassphrase my_crypto_passphrase

<Location /protected>
   AuthType openid-connect
   Require valid-user
   LogLevel debug
</Location>

Everything works, however I would like to know how to retrieve the user information from the sessions, such as name, email, etc. just like I would in the single page application?
FYI: I have read the documentation for the apache2 at: Auth0 Apache SDK Quickstarts: Login and I could not find anywhere how to retrieve the user information from the session.

Does anyone know how to get those info when using Apache? Where are those info stored and how to retrieve them? Thanks

Hi @Kato,

Welcome to the community! :slight_smile:

:thinking: I’m not an expert in this area, but it sounds like the docs (here) for the mod_auth_openidc might be the way to go. With Auth0 acting as the OP here, it will typically be the OIDC standards based authentication module - namely mod_auth_openidc - that will surface all the (custom) claims.

Hope this helps :sunglasses:

1 Like

@peter.fernandez thanks for reply. Unfortunately that does not solve my situation as I have read that documentation and also went line by line in the original file here However it does not explain me how to actually get the user data, like some very basic example of showing user name and picture from google for example. It tells you the name of multiple function and their generic use, but does not show you how to implement them and how to retrieve the new options results you just activated. If anyone here has an actual example to share would be great. Thanks

Thanks for the feedback @Kato Hopefully someone here who has more experience with mod_auth_openidc will be able to help :slight_smile: In the meantime, here’s a comment I found on Stack Overflow which might be of interest, and seems to suggest that (ID Token) claims are made available both in the environment space - as environment variables - and via HTTP request headers: apache - mod_auth_openidc how to access user variables for use in PHP - Stack Overflow. I also found a sample application, albeit in PHP, here as part of the mod_auth_openidc wiki. Hope it’s of some value :sunglasses: