Overview
This article explains if it is possible to get an organization ID or its name as a claim in an ID Token or an Access Token with the Resource Owner Password Grant (ROPG) flow.
Applies To
- Organizations
- ROPG Flow
- Actions
- Tokens
Cause
The tokens returned from the ROPG flow do not inherently return an org_id as one of the limitations of organizations is that organizations-enabled applications are not compatible with some of our grants, including ROPG as described in the following Auth0 Documentation: Limitations.
Solution
Although organizations are not supported, it is still possible to have an organization ID be present in tokens by setting one as a custom claim using actions.
- However, in this case there would be nothing in the ‘event’ object of the action that would display an organization ID.
- Therefore, if an organization ID is required, perhaps for browserless testing, it would have to either be set as a static value or depending on other attributes.
NOTE: “org_id” and “org_name” are subject to Auth0’s general restrictions on claims, so any custom usage of these would need to be namespaced to avoid collisions and being ignored.