User_ID listed as 'SUB'

Problem statement

When calling the /userinfo endpoint to check the user profile, the user_id is returned in the sub. Is there a reason for this?


The /userinfo endpoint is specified as part of the OpenID Connect specification (Final: OpenID Connect Core 1.0 incorporating errata set 1), and from that specification, it comes that the user identifier of the end-user should be returned in the sub claim of the /userinfo endpoint response and in the sub claim of ID tokens.

In other words, although internally within the Auth0 user profile, the user identifier is stored in an attribute named user_id when you perform an OIDC conformant flow to get an ID token or call the OIDC /userinfo endpoint, the user identifier will be returned as part of the sub claim.

You should use the value of sub from the/userinfo endpoint as the user identifier.