Trying to get app_metadata from /userinfo endpoint

I am trying to set things up to be able to get app_metadata from the /userinfo endpoint. I have looked at topics in here as well as on StackOverflow and have been stymied and confused. Using Custom Claims looks like it does what I want. Here is what I have tried:

I created a rule and the code looks like this:

function (user, context, callback) {
var namespace = "";
user.app_metadata = user.app_metadata || {};
context.accessToken[namespace + "app_metadata"] = user.app_metadata; 
callback(null, user, context);

Testing the rule appears successful.

In Postman, I can hit β€˜/oauth/token’ with a username and password and get an access_token just fine. But when I hit β€˜/userinfo?access_token=<access_token>’, this is my response:

"sub": "auth0|5ef266faaba0300019ce0b26",
"nickname": "paul",
"name": "Paul",
"picture": "",
"updated_at": "2020-08-19T21:23:58.404Z",
"email": "",
"email_verified": false


You need to add the custom claim to the ID token; only custom claims added to the ID token will surface in /userinfo.

Replace context.accessToken[namespace + "app_metadata"] with context.idToken[namespace + "app_metadata"].


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.