Trying to get app_metadata from /userinfo endpoint

I am trying to set things up to be able to get app_metadata from the /userinfo endpoint. I have looked at topics in here as well as on StackOverflow and have been stymied and confused. Using Custom Claims looks like it does what I want. Here is what I have tried:

I created a rule and the code looks like this:

function (user, context, callback) {
  var namespace = "https://myNamespace.com/";
  user.app_metadata = user.app_metadata || {};
  context.accessToken[namespace + "app_metadata"] = user.app_metadata;
  callback(null, user, context);
}

Testing the rule appears successful.

In Postman, I can hit ‘/oauth/token’ with a username and password and get an access_token just fine. But when I hit ‘/userinfo?access_token=<access_token>’, this is my response:

{
  "sub": "auth0|5ef266faaba0300019ce0b26",
  "nickname": "paul",
  "name": "Paul",
  "picture": "https://s.gravatar.com/avatar/f16f6aa3b000916dc48e6947660c201d?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fpa.png",
  "updated_at": "2020-08-19T21:23:58.404Z",
  "email": "nathleia.llc@gmail.com",
  "email_verified": false
}

You need to add the custom claim to the ID token; only custom claims added to the ID token will surface in /userinfo.

Replace context.accessToken[namespace + "app_metadata"] with context.idToken[namespace + "app_metadata"].

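The fix from the answer, as an added example that is not code from the thread: the rule writes the namespaced claim to the ID token, and it goes one step further by copying only an allow-list of fields, since every claim on the ID token is returned by /userinfo and is readable by the client application. The field names in `EXPOSED_FIELDS`, the function names and the sample user are hypothetical; the namespace is the one from the question.

```javascript
// Added example, not code from the thread. Uses the Auth0 Rule signature
// shown in the question: (user, context, callback).
// ASSUMPTIONS: EXPOSED_FIELDS holds hypothetical field names; replace them
// with the app_metadata keys your client is actually meant to see.
const NAMESPACE = "https://myNamespace.com/";
const EXPOSED_FIELDS = ["plan", "tenant_id"]; // hypothetical allow-list

function addAppMetadataToIdToken(user, context, callback) {
  const source = user.app_metadata || {};
  const exposed = {};
  for (const field of EXPOSED_FIELDS) {
    // Copy own properties only, so nothing inherited leaks into the claim.
    if (Object.prototype.hasOwnProperty.call(source, field)) {
      exposed[field] = source[field];
    }
  }
  // Custom claims on the ID token are the ones /userinfo returns.
  context.idToken = context.idToken || {};
  context.idToken[NAMESPACE + "app_metadata"] = exposed;
  callback(null, user, context);
}

// Local harness: runs the rule against a constructed user and returns the
// resulting context, so the claim can be inspected before deploying the rule.
function runRule(user) {
  const context = { idToken: {}, accessToken: {} };
  let result;
  addAppMetadataToIdToken(user, context, (err, _user, ctx) => {
    if (err) throw err;
    result = ctx;
  });
  return result;
}

// Constructed sample user; internal_notes must not reach the client.
const sampleUser = {
  app_metadata: { plan: "pro", tenant_id: "t-001", internal_notes: "do not expose" },
};
console.log(JSON.stringify(runRule(sampleUser).idToken, null, 2));
```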