Dears,
OIDC-conformant is enabled in my application and my scope contain user_metadata
Scope = “openid email profile user_metadata app_metadata picture”
but iam not recieving any user_metadata in claims.
im developing using c#
string userMetadata = ((ClaimsIdentity)User.Identity).FindFirst(“user_metadata”)?.Value
return always null, Any help?
If you go to ‘Rules’ in your tenant and click ‘Add Rule’, you’ll get a page of templates for many common scenarios. The code for the templates are also available here:
A typical “add attribute to claim” rule looks something like (I don’t know javascript so there may be better ways to do this):
function (user, context, callback) {
if (user.app_metadata.my_attribute) {
context.accessToken['https://www.foo.bar/my_attribute'] = user.app_metadata.my_attribute;
}
callback(null, user, context);
}
but still when logged in no user_metadata received in ((ClaimsIdentity)User.Identity)?
how to extract the user_metadata from ((ClaimsIdentity)User.Identity) not from calling API https://mydomain.auth0.com/api/v2/userinfo/" + nameIdentifier)
OK finally i solve it by doing the following :
1.go to your dashboard
2.click on rules
3.add new rule (empty rule)
4.copy/past this script
Note don’t use your auth0 app domain ,use your original domain
function (user, context, callback) {
var namespace = 'https://www.originaldomain.com/';
if (context.idToken && user.user_metadata) {
context.idToken[namespace + 'user_metadata'] = user.user_metadata;
}
if (context.idToken && user.app_metadata) {
context.idToken[namespace + 'app_metadata'] = user.app_metadata;
}
callback(null, user, context);
}
5.Save
6. you will receive the user_metadata with ((ClaimsIdentity)User.Identity)
this is in C# :
I’m glad you were able to get this working. Just a couple notes:
The namespace is just a URL formatted string and can be anything. It does not need to be a functioning URL. As you have noted, it is common practice to use a string based on your own domain name since this should always be unique,
It is a best practice to minimize the amount of data you include in your tokens. Including all of app_metadata and user_metadata will work, but the recommended practice is to include just those attributes your application requires.