I have a Laravel 6 application that has been using the stock authentication for a while now. We would like to integrate with Auth0 to allow SSO through PingFederate. The connection is set up and working, but we need Auth0 to return some additional user info.
The IdP is returning some extra data (email, employee id) that we need to look the user up in our system. In Auth0, if I go into my tenant, then the application, and click on “Users”, click on a user who has logged in successfully, I can go to Raw JSON and see all the fields the IdP returned.
How do I get these fields passed down to my Laravel application on login?
The appropriate way to do this is to use a rule to explicitly add the additional information to the ID token using custom claims (see OpenID Connect Scopes).
If you have, for example, an employee_id field you could do:
```javascript
function (user, context, callback) {
  // namespace can be any URL (doesn't have to resolve to anything)
  // but it cannot be an auth0 domain
  const namespace = 'https://myapp.example.com/';
  // copy the IdP-supplied field into the ID token as a namespaced custom claim
  context.idToken[namespace + 'employee_id'] = user.employee_id;
  callback(null, user, context);
}
```