I am trying to add a custom claim to my access tokens using a custom action:
exports.onExecutePostLogin = async (event, api) => {
// This adds the authenticated user's email address to the access token.
if (event.authorization) {
const namespace = 'https://foo.com';
api.accessToken.setCustomClaim(`${namespace}/claims/userId`, event.user.user_id);
}
};```
I retrieve an access token using the new PKCE grant type for OAuth 2.0 Authorisation in Postman 10.6.7
I am getting an access token back but the payload is empty.
Any ideas on what I'm doing wrong?
Thanks
Yes should be some claims unless your access token is still opaque which is shouldn’t be if you included an audience in your /authorize request, see my test below: