Rules not working in machine to machine applications

I defined a rule to add email of the user to access token. But its not executing in machine to machine application. What should I do to make it execute in machine to machine application. I tried doing same thing using actions but in the method ‘onExecuteCredentialsExchange’. I am getting an error that Property ‘user’ and ‘authorization’ does not exist on type ‘Event’.

1 Like

++ same issue. I have created a M2M application with an API including audience for which I have applied hasura rules for additional information into payload of JWT token. But this rule is not applied and the token doesn’t have the additional info.

1 Like

As you have noticed, Rules only run on user login events, such as when using the authorization code grant flow, and not when using the client credentials grant flow. Likewise, there is no user object when using the client credentials grant flow since there is no user present.

If you can provide more details regarding your use case we can maybe help figure something out.

1 Like

Thanks @markd for your response,
My use case is that I need to fetch the email Id of the user who created the access token, once I recieve that token in Mulesoft API. So I thought of including the email Id at the time of token creation which I can decode in Mulesoft. What is your suggestion to do this?

To get more details about this you can refer to this post that I created earlier:-
https://community.auth0.com/t/add-email-of-the-user-to-the-access-token-using-rules/84111?u=naman.chaturvedi

I tried adding the email address as a custom claim according to Guide: Migrate your custom Rules to Auth0 Actions, but that did not work. I believe I am hitting this same issue described here.

My SPA uses the Auth0 SPA library to do authentication. That library provides an access token for API calls to my backend. This access token does not seem to contain the custom claim (email address).

I do not want to do a call to auth0 from my backend every time an api endpoint on my backend is called as that is not scalable. What is the appropriate method of obtaining the email address of a user on my backend?