Not getting userinfo data with express-jwt

aorsten · April 30, 2019, 8:57am

I am creating a simple API based on the quickstart for node/express, and using Postman to send requests. I’m trying to return the userinfo, but am not getting the desired data in the req.user object after it has authenticated with express-jwt. My req.user object looks like:

{ iss: 'https://MY-DOMAIN.auth0.com/',
  sub: 'google-oauth2|***',
  aud:
   [ 'https://MY-API-AUDIENCE',
     'https://MY-DOMAIN.auth0.com/userinfo' ],
  iat: ***,
  exp: ***,
  azp: 'MY-CLIENT-ID',
  scope: 'openid profile email',
  permissions: [] }

I’m not sure why I’m not getting the email and other user data in the request object?

The express-jwt check is performed in a middleware like this:

const checkJwt = jwt({
    secret: jwksRsa.expressJwtSecret({
        cache: true,
        rateLimit: true,
        jwksRequestsPerMinute: 5,
        jwksUri: `${process.env.AUTH0_DOMAIN}.well-known/jwks.json`
    }),

    // Validate the audience and the issuer.
    audience: process.env.AUTH0_AUDIENCE,
    issuer: process.env.AUTH0_DOMAIN,
    algorithms: ['RS256']
});

(The audience is the MY-API-AUDIENCE, not the userinfo audience)

aorsten · April 30, 2019, 9:28am

Or am I misunderstanding this. Do I need to do a GET request for MYDOMAIN.auth0.com/userinfo?

konrad.sopala · September 2, 2019, 1:21pm

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?