Only include specific claims in UserInfo (OIDC Compliant Flow)

Martin_EF_Power · January 22, 2018, 9:45pm

When adopting the OIDC compliant flows in Auth0, app_metadata and user_metadata are not included in the userinfo endpoint any longer. To include custom claims in the userinfo endpoint, we now need to add namespaced claims to the id_token using a rule.

context.idToken[namespace + ‘example’] = user.user_metadata.example;

My question is, is it possible to include custom claims in the userinfo endpoint and not include them in the id_token?

As far as i understand, we have to include any custom claims in the id_token for them to show up in the userinfo endpoint. If so, then why use the userinfo at all?

James.Morrison · December 14, 2018, 6:05pm

As it has been more than a few months since this topic was opened, and there has been no reply or further information provided as to the existence of the issue, we are closing this topic. Please don’t hesitate to create a new topic if this issue is still present, we would be happy to work with you to help find a resolution.

Topic		Replies	Views
How do you return custom claims to userinfo endpoint when using OIDC? Get Help userinfo , oidc , custom-claims	3	6900	March 2, 2018
Custom claims in userinfo but not in ID token Get Help userinfo , custom-claims	1	3803	March 2, 2018
Trying to get app_metadata from /userinfo endpoint Get Help rules , app_metadata , custom-claims	2	3664	September 4, 2020
Custom claims to the Access Token Get Help	2	2967	August 6, 2019
Calling client.userInfo method does not return user_metadata Get Help auth0js , user-metadata	8	10229	March 2, 2018

Only include specific claims in UserInfo (OIDC Compliant Flow)

Related topics