I am creating a simple API based on the quickstart for node/express, and using Postman to send requests. I’m trying to return the userinfo, but am not getting the desired data in the req.user object after it has authenticated with express-jwt. My req.user object looks like:
{ iss: 'https://MY-DOMAIN.auth0.com/',
sub: 'google-oauth2|***',
aud:
[ 'https://MY-API-AUDIENCE',
'https://MY-DOMAIN.auth0.com/userinfo' ],
iat: ***,
exp: ***,
azp: 'MY-CLIENT-ID',
scope: 'openid profile email',
permissions: [] }
I’m not sure why I’m not getting the email and other user data in the request object?
The express-jwt check is performed in a middleware like this:
const checkJwt = jwt({
secret: jwksRsa.expressJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `${process.env.AUTH0_DOMAIN}.well-known/jwks.json`
}),
// Validate the audience and the issuer.
audience: process.env.AUTH0_AUDIENCE,
issuer: process.env.AUTH0_DOMAIN,
algorithms: ['RS256']
});
(The audience is the MY-API-AUDIENCE, not the userinfo audience)