JWT token does not contain user profile data

Hi,

I am attempting to work with the auth0-laravel-php-web-app to embed user profiles into my database. On my frontend, using React, I am able to retrieve a JWT token using the useAuth0 hook.

import { useAuth0 } from '@auth0/auth0-react';

From there, I retrieve a token using const token = await getAccessTokenSilently(); and use that as my Authorization Bearer token to communicate with a Laravel backend.

The problem is, when I decode this token, it does not contain the user profile. here’s the token decoded:

{
  "iss": "https://myapp-dev.us.auth0.com/",
  "sub": "google-oauth2|<some_id>",
  "aud": [
    "https://api.my-app-dev",
    "https://my-app-dev.us.auth0.com/userinfo"
  ],
  "iat": 1594945405,
  "exp": 1595031805,
  "azp": "rULZplrbcwdZgKRLEJcjCLc5anvu81RP",
  "scope": "openid profile email",
  "permissions": []
}

So when this gets decoded by the server, in my CustomUserProvider.php, the $profile is empty and I do not have an email or name.

 protected function upsertUser( $profile ) {  
        return User::firstOrCreate(['sub' => $profile['sub']], [
            'email' => $profile['email'] ?? '',
            'name' => $profile['name'] ?? '',
        ]);
    }

This code is taken from https://github.com/auth0-samples/auth0-laravel-php-web-app/blob/master/01-Login/app/Repositories/CustomUserRepository.php#L20.

How do I get my JWT token to include name/email so I can work with it in my backend?

thanks :slight_smile:

You need to create a Rule that will add the profile data you want to your ID and / or access tokens.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.