coreyh
1
[Rules] Is it possible to access the signed JWT token values within rules after they are serialized?
So I can use the value when calling a 3rd party api to get a federated identity to put in the Auth0 auth result when it’s sent to the client.
I am not sure this is possible and I may need to handle it in my app code if not.
I’ve tried this
but I get this error when trying the rule
ERROR: Cannot read property 'signing_secret' of undefined
Thanks.
coreyh
2
I got it
In the testing harness the clientsecret has to be specified in the payload duh.
var jwt = require('jsonwebtoken@7.1.9');
var request = require('request@2.56.0');
var userInfoToken = jwt.sign(
{
email: user.email,
iat: Math.floor(Date.now() / 1000) - 2
},
'MyClientSecret',
{
expiresIn: 4,
audience: context.request.query.audience,
issuer: 'https://' + context.request.hostname + '/'
}
);
I was able to do a quick test by putting the secret in the Auth0 rule and it outputted the JWT so this solution works.
1 Like
system
Closed
3
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.