Hello,
I’m using Apple social connection to login. I can see the user created. The user has field “last_name”, but no field “family_name”. Isn’t the field “family_name” mandatory on normalized profile?
See the screen shot attached
Another example, see screenshot attached. Apple sends “first_name” and “last_name”, but profile has no “given_name” nor “family_name”
I believe (haven’t checked myself), the claims first_name and last_name come like this from Apple, despite family_name and _given_name` being the OIDC standard claims.
If you need to map this though, you can do it within a Rule (tbh - I don’t know why it’s not automatically mapped by the Apple ID social connection by default due to normalization).
So, as a workaround, this rule should work:
function (user, context, callback) {
// you might want to add a check to only run this
// if `user.family_name` and `user.given_name` is actually missing
if (context.connectionStrategy === "apple") {
var ManagementClient = require('auth0@2.6.0').ManagementClient;
var management = new ManagementClient({
token: auth0.accessToken,
domain: auth0.domain
});
// persist in user store
management.updateUser({id: user.user_id},
{family_name: user.last_name, given_name: user.first_name})
.then(function(u){
callback(null, u, context);
})
.catch(function(err){
callback(err);
});
} else { // if not apple
callback(null, user, context);
}
}
I’ve tried mathiasconradt’s recommendation but unfortunately it doesn’t work me cause from Auth0 forbid to update family_name, given_name fields for apple connection user without disabling “Sync user profile attributes at each login” option and it gave me an error:
The following user attributes cannot be updated: family_name, given_name. The connection (apple) must either be a database connection (using the Auth0 store), a passwordless connection (email or sms) or has disabled 'Sync user profile attributes at each login'. For more information, see https://auth0.com/docs/dashboard/guides/connections/configure-connection-sync
So, I’ve stored last_name and first_name into user_metadata field:
function (user, context, callback) {
// you might want to add a check to only run this
// if `user.family_name` and `user.given_name` is actually missing
if (context.connectionStrategy === "apple") {
var ManagementClient = require('auth0@2.32.0').ManagementClient;
var management = new ManagementClient({
token: auth0.accessToken,
domain: auth0.domain
});
// persist in user store
management.updateUser({id: user.user_id},
{user_metadata: { apple_family_name: user.last_name, apple_given_name: user.first_name }})
.then(function(u){
callback(null, u, context);
})
.catch(function(err){
callback(err);
});
} else { // if not apple
callback(null, user, context);
}
}
and reading with fallback in server (in Ruby):
user_profile = auth0_client.user(
auth0_subject,
fields: "family_name,given_name,user_metadata"
)
family_name = user_profile["family_name"] || user_profile.dig("user_metadata", "apple_family_name")
given_name = user_profile["given_name"] || user_profile.dig("user_metadata", "apple_given_name")