Strange namespace requirement for rule "Add email to access token"

I am trying to include user email in the access token and I found there is already such a rule in Access Control category.

The strange thing I noticed is that, it does not accept any arbitrary namespace.

function addEmailToAccessToken(user, context, callback) {
  // This rule adds the authenticated user's email address to the access token.
  var namescape = 'example.com';
  context.accessToken[namespace + '/email'] = user.email;
  return callback(null, user, context);
}

When I say it doesn’t work I mean it silently fails to add the claim.

What’s the logic behind all this?

I’m sorry, I tried editing the post but I don’t have permission.

Just to make sure, when I tried the combinations, I changed nothing else but the rule code, and called the /oauth/token endpoint then inspected the access_token on jwt.io.

Is it reasonable to say that the rule exepcts the namespace to be prefixed with http:// or https://? Why not allow arbitrary strings?

Hey there!

As this topic is related to Rules - Hooks - Actions and Rules & Hooks are being deprecated soon I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!

Learn more here!