Only include specific claims in UserInfo (OIDC Compliant Flow)

Martin_EF_Power · January 22, 2018, 9:45pm

When adopting the OIDC compliant flows in Auth0, app_metadata and user_metadata are not included in the userinfo endpoint any longer. To include custom claims in the userinfo endpoint, we now need to add namespaced claims to the id_token using a rule.

context.idToken[namespace + ‘example’] = user.user_metadata.example;

My question is, is it possible to include custom claims in the userinfo endpoint and not include them in the id_token?

As far as i understand, we have to include any custom claims in the id_token for them to show up in the userinfo endpoint. If so, then why use the userinfo at all?

James.Morrison · December 14, 2018, 6:05pm

As it has been more than a few months since this topic was opened, and there has been no reply or further information provided as to the existence of the issue, we are closing this topic. Please don’t hesitate to create a new topic if this issue is still present, we would be happy to work with you to help find a resolution.

Topic		Replies	Views
How do you return custom claims to userinfo endpoint when using OIDC? Help userinfo , oidc , custom-claims	3	6801	March 2, 2018
Custom claims in userinfo but not in ID token Help userinfo , custom-claims	1	3784	March 2, 2018
OIDC-conformant no user_metdadata recieved Help auth0 , login	9	4141	January 8, 2019
Add Custom Claims to User Profile (User / App Metadata) Help jwt , auth0 , rules	4	4580	March 31, 2020
Best practices for custom claims using OIDC-conformant Auth0.js Help auth0js	4	6678	September 3, 2019

Only include specific claims in UserInfo (OIDC Compliant Flow)

Related Topics