Hi,
We are migrating from Identity server to Auth0 and in Identity server, we were using ‘reference token’ which is small fixed length string which hold identifier for user custom claims. To get custom claims, we need to make call to introspect endpoint to get custom claims details.
Now, in Auth0 we came across opaque token which is somewhat similar as reference token but not exactly.
Currently, this opaque token can be used with only ‘/userinfo’ endpoint but also this endpoint does not return any custom claims which added into ‘AccessToken’ through ‘Auth0 Rule’ as below:
context.accessToken.TestClaim1=‘TestClaim1’;
Recently, we came across the updates mentioned on ‘Deprecation & Migration’ (Deprecations and Migrations) i.e.
" If your tenant is running extensibility code ([Rules]/ [Hooks]/ [Actions]) that tries to set non-namespaced custom claims that are being ignored until this deprecation, then those claims will begin to appear on the tokens and the /userinfo
response. We recommend you review your configuration and Auth0 logs.".
So, my question here is that, can we expect the custom claim in ‘/userinfo’ endpoint which added into access token through rule based on above mentioned updates or this applies only for Id Token and not for access token?
Thanks,
Jaydeep S