I am trying to set things up to be able to get app_metadata from the /userinfo endpoint. I have looked at topics in here as well as on StackOverflow and have been stymied and confused. Using Custom Claims looks like it does what I want. Here is what I have tried:
I created a rule and the code looks like this:
function (user, context, callback) {
var namespace = "https://myNamespace.com/";
user.app_metadata = user.app_metadata || {};
context.accessToken[namespace + "app_metadata"] = user.app_metadata;
callback(null, user, context);
}
Testing the rule appears successful.
In Postman, I can hit ‘/oauth/token’ with a username and password and get an access_token just fine. But when I hit ‘/userinfo?access_token=<access_token>’, this is my response:
{
"sub": "auth0|5ef266faaba0300019ce0b26",
"nickname": "paul",
"name": "Paul",
"picture": "https://s.gravatar.com/avatar/f16f6aa3b000916dc48e6947660c201d?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fpa.png",
"updated_at": "2020-08-19T21:23:58.404Z",
"email": "nathleia.llc@gmail.com",
"email_verified": false
}