When calling the /userinfo endpoint to check the user profile, the user_id is returned in the sub. Is there a reason for this?
/userinfo endpoint is specified as part of the OpenID Connect specification (Final: OpenID Connect Core 1.0 incorporating errata set 1), and from that specification, it comes that the user identifier of the end-user should be returned in the
sub claim of the
/userinfo endpoint response and in the
sub claim of ID tokens.
In other words, although internally within the Auth0 user profile, the user identifier is stored in an attribute named
user_id when you perform an OIDC conformant flow to get an ID token or call the OIDC
/userinfo endpoint, the user identifier will be returned as part of the
You should use the value of
sub from the
/userinfo endpoint as the user identifier.