/userinfo returns an empty object

Hi There!

I’m new to the Auth concept but I’m trying to implement Auth and user information retrieval for an Alexa skill I’m working on.

The Auth process works, and before redirecting the user back to the skill I am using this php snippet from the docs:

$userinfo_result = $auth0_api->userinfo( $code_exchange_result['access_token'] );
and able to get an email (using it to make sure the user is our customer and should be able to use the skill)

However, I do need to do the same from the AWS Lambda function currently hosting my skill. From my understanding once the auth process is completed and the correct scope is requested the access_token will be associated with those scopes, so whenever I’ll make a get request to /userinfo with the token I should get a representation of the user based on the requested scope.

but when I make a request from my skill I get an empty object {}.

A quick google search revealed that this might be happening because the scope is not requested.
However, during my auth process I do request it:
$auth0 = new Auth0([
‘domain’ => ‘auth.tellroby.com’,
‘client_id’ => ID,
‘client_secret’ => SECRET,
‘redirect_uri’ => $callback,
‘audience’ => ‘https://tellroby.auth0.com/userinfo’,
‘scope’ => ‘openid profile email’,
‘persist_id_token’ => true,
‘persist_access_token’ => false,
‘persist_refresh_token’ => false,
]);

And as I mentioned before, during the auth process I’m in fact able to retrieve email and validate it against our database.

My problem starts when doing so from my lambda code.
I get my access token like so:

let accessToken = handlerInput.requestEnvelope.context.System.user.accessToken;
( I console.log it and the accessToken is not undefined (seems like an auth token?) )

And yet I’m getting: {}, as a result.

Can you let me know your thoughts on the matter?

EDIT
I used the protocol debugger to get an access token and when hard coded it to my lambda code I was able to retrieve the data I was looking for.

Why do you think Alexa gives me a wrong access token? How can I fix it?

Thank you very much,
Ran

Hi @ran,

Welcome to Community!

That is certainly odd, typically you would get an error back.

Can you show an example (not the exact string of course) of the token you get back when making this request? Is it a jwt?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.