We are looking to use Auth0 for IdP initiated flow. I have set up Auth0 as SP as well as Auth0 as an IdP (for testing) in another tenant. Everything is going great except when I get the id_token back in my application, it is missing profile, email, etc. The token does contain iss, sub, aud, iat, exp, ar_hash, which is great.
The issue is that even when I specify the query string in the IdP-Initiated Flow query string box as “redirect_uri=http://localhost:3000&response_type=token id_token&scope=openid profile email”, no profile or email information exists in the token. When I look at the user’s raw JSON data in the dashboard, email, given name, etc. is in there.
I did create a workaround by getting an access token using Auth0 API (/oauth/token) using client secrets and then calling (/api/v2/users/samlp|samlconnectionhere|auth0|5ce5451b5cbc491139e73ede) and the profile information is returned no problem.
I was hoping to avoid this extra workaround call and simply parse the claims out of the token.
Please help. Thanks!
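An added example (not code from the original post or from Auth0) showing what the application side of this should do regardless of how the IdP-initiated flow is configured: verify the id_token before reading anything from it, work out which requested scopes are not reflected in its claims, and fall back to the standard OIDC /userinfo endpoint with the access_token from the same response rather than the Management API. The example is standard-library Python. It assumes an HS256-signed token with a shared client secret so it runs offline; an Auth0 tenant using the RS256 default must instead verify against the tenant JWKS. The issuer, audience, secret and claim values are constructed, and the claim-to-scope mapping follows OpenID Connect Core 1.0 section 5.4 (the token in the post would carry at_hash, the standard spelling of that claim).

```python
import base64
import hashlib
import hmac
import json
import time

# Claims each OIDC scope is defined to release (OpenID Connect Core 1.0, section 5.4).
SCOPE_CLAIMS = {
    "profile": {"name", "family_name", "given_name", "middle_name", "nickname",
                "preferred_username", "profile", "picture", "website", "gender",
                "birthdate", "zoneinfo", "locale", "updated_at"},
    "email": {"email", "email_verified"},
}


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def _b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def make_hs256_token(claims: dict, secret: bytes) -> str:
    """Mint a test ID token; only used to build constructed sample input."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


def verify_id_token(token: str, secret: bytes, issuer: str, audience: str,
                    nonce=None, now=None) -> dict:
    """Check signature, alg, iss, aud, exp (and nonce when given) before trusting any claim."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed JWT")
    h, p, s = parts
    header = json.loads(_b64url_decode(h))
    # Pin the algorithm: never let the token choose (blocks alg=none and key confusion).
    if header.get("alg") != "HS256":
        raise ValueError(f"unexpected alg {header.get('alg')!r}")
    expected = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        raise ValueError("signature check failed")
    claims = json.loads(_b64url_decode(p))
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("token not issued for this client")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("token expired")
    if nonce is not None and claims.get("nonce") != nonce:
        raise ValueError("nonce mismatch")
    return claims


def scopes_not_reflected(claims: dict, requested_scope: str) -> list:
    """Requested scopes for which the token carries none of that scope's claims."""
    absent = []
    for scope in requested_scope.split():
        wanted = SCOPE_CLAIMS.get(scope)
        if wanted and not wanted.intersection(claims):
            absent.append(scope)
    return absent


def userinfo_request(auth0_domain: str, access_token: str) -> tuple:
    """Fallback: the OIDC /userinfo endpoint, called with the access_token from the
    same response, returns the claims for the scopes actually granted. Returns
    (url, headers) for any HTTP client; nothing is sent from here."""
    return (f"https://{auth0_domain}/userinfo",
            {"Authorization": f"Bearer {access_token}"})


if __name__ == "__main__":
    # Constructed sample with the claim set the post describes (iss, sub, aud, iat, exp, at_hash).
    secret = b"constructed-client-secret"
    iss, aud = "https://sp-tenant.example.auth0.com/", "constructed_client_id"
    token = make_hs256_token({"iss": iss, "sub": "samlp|conn|auth0|abc", "aud": aud,
                              "iat": 1700000000, "exp": 4102444800, "at_hash": "x"}, secret)
    claims = verify_id_token(token, secret, iss, aud)
    print("scopes not reflected in id_token:",
          scopes_not_reflected(claims, "openid profile email"))
    print("fallback:", userinfo_request("sp-tenant.example.auth0.com", "<access_token>"))
```

The /userinfo fallback needs only the access_token the implicit response already delivers, so it avoids holding a Management API client secret in the application; it also returns exactly the claims the user consented to, which the Management API user endpoint does not enforce.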