Hi,
I’m trying to replace an Auth0 login flow proxy in my automated tests by a non-interactive flow as described here. But the token’s payload I get is different than the one from an interactive flow, namely the custom data from app_metadata is missing.
I’ve already read this thread and this documentation page to add custom claims to a token response and I succeeded in adding data in the response’s access_token based on the user’s app_metadata, but the naming cannot be the same as in the interactive flow’s JWT it seems. That’s my problem.
From the interactive flow, I get:
"app_metadata": {
  "roles": ["doc", "admin"],
  "stores": [{
    "id": "store1.example.com",
    "roles": ["admin"]
  }, {
    "id": "store2.example.com",
    "roles": ["admin"]
  }
  ]
},
"stores": [{
  "id": "store1.example.com",
  "roles": ["admin"]
}, {
  "id": "store2.example.com",
  "roles": ["admin"]
}
]
But, in the non-interactive flow, I must add a namespace identifier for the claim otherwise it’s simply dropped… Using this rule, I managed to achieve:
Custom Rule
function (user, context, callback) {
  context.accessToken['http://we.dont.care/stores'] = user.stores;
  context.accessToken['http://we.dont.care/roles'] = user.roles;
  callback(null, user, context);
}
Which leads to
"http://we.dont.care/stores": [{
  "id": "store.acme.com",
  "roles": ["admin"]
},
{
  "id": "other.store.com",
  "roles": ["admin"]
}
],
"http://we.dont.care/roles": ["doc", "admin"],
Can we achieve the same naming? Why is the http://we.dont.care/ identifier prefix necessary?
Thanks a lot
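
For a test suite that has to consume both token shapes, one option is to map the namespaced claims back to their short names after decoding, refusing any name that would overwrite a registered JWT claim or an existing one. This is an added example, not part of the original post and not Auth0 code; `decodePayload`, `normalizeClaims`, `b64url` and the sample token are hypothetical names and constructed data.

```javascript
// Hypothetical test helper (added example, not Auth0 code).
const NAMESPACE = 'http://we.dont.care/'; // prefix used by the rule in the post
// Registered claim names from RFC 7519 that a custom claim must not overwrite.
const RESERVED = new Set(['iss', 'sub', 'aud', 'exp', 'nbf', 'iat', 'jti']);

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Decode the payload segment only. No signature check is done here: use it on
// tokens the test just requested, never as a substitute for verification.
function decodePayload(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('expected header.payload.signature');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Copy the payload, renaming "<namespace>name" to "name". Throws when the short
// name is empty, reserved, or already present, so nothing is silently replaced.
function normalizeClaims(payload, namespace = NAMESPACE) {
  const out = Object.create(null); // no prototype: "__proto__" is just a key
  const entries = Object.entries(payload);
  for (const [key, value] of entries) {
    if (!key.startsWith(namespace)) out[key] = value;
  }
  for (const [key, value] of entries) {
    if (!key.startsWith(namespace)) continue;
    const short = key.slice(namespace.length);
    if (short === '' || RESERVED.has(short) || short in out) {
      throw new Error(`claim "${key}" would overwrite "${short}"`);
    }
    out[short] = value;
  }
  return out;
}

// Constructed sample token carrying the namespaced claims shown in the post.
const sampleToken = [
  b64url({ alg: 'RS256', typ: 'JWT' }),
  b64url({
    sub: 'auth0|constructed-user',
    'http://we.dont.care/stores': [
      { id: 'store.acme.com', roles: ['admin'] },
      { id: 'other.store.com', roles: ['admin'] },
    ],
    'http://we.dont.care/roles': ['doc', 'admin'],
  }),
  'constructed-signature',
].join('.');
```

Calling `normalizeClaims(decodePayload(sampleToken))` yields `roles` and `stores` under their short names alongside the untouched `sub`.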