We are logging in with mfa Audience… which also needs userinfo audience to query it later… how is it achievable…?
Hello @authneumoney !
How exactly are you logging users in? Are you able to confirm that the access tokens granted don’t already contain the /userinfo audience as outlined below?
Hey @woeterman94 ,
You cannot remove the /userinfo audience. It is included by default for all issued Access Tokens.
If you specify an audience of your custom API identifier and a scope of openid, then the resulting access token’s aud claim will be an array rather than a string, and the access token will be valid for both your custom API and for the /userinfo endpoint. Other than in the use case of a single custom API as well as Auth0’s /userinfo endpoint, your access tokens will be unable to …
Let us know!
Thanks for the reply
Awesome, that’s good to know! Thanks for confirming here
