Using Go to check tokens, how can I get the email address?

I’m using react auth0 sdk, and I’m making a GET /users/me to my Go api.

I am wondering how I can get the email from the token. When I inspect my token on, I see

  "nickname": "xxxxx",
  "name": "",
  "picture": "...........",
  "updated_at": "2023-09-10T18:05:46.705Z",
  "email": "",
  "email_verified": false,
  "iss": "........",
  "aud": ".............",
  "iat": 1694370629,
  "exp": 1694372429,
  "sub": "auth0|............",
  "sid": ".........",
  "nonce": "........"

Here’s my Go code-

type CustomClaims struct {
	Scope string `json:"scope"`

// Validate does nothing for this example, but we need
// it to satisfy validator.CustomClaims interface.
func (c CustomClaims) Validate(ctx context.Context) error {
	return nil

// EnsureValidToken is a middleware that will check the validity of our JWT.
func (h *Http) EnsureValidToken(next http.Handler) http.Handler {

	middleware := jwtmiddleware.New(

	return middleware.CheckJWT(next)

Unfortunately here’s the JSON of what I get when I check what is added to the context -

    "CustomClaims": {
        "email": "",
        "scope": "openid profile email"
    "RegisteredClaims": {
        "iss": ".........",
        "sub": "auth0|...........",
        "aud": [
        "exp": 1694372429,
        "iat": 1694370629
1 Like

Hey @KLP welcome to the community!

Thanks for the detailed description of what you’re seeing :slight_smile:

This is a decoded ID token whereas the token in your Go code is an access token - Are you adding email as a custom claim to the access token? If not, I believe that should do the trick. You’ll need to add it using a post-login action, something like:

exports.onExecutePostLogin = async (event, api) => {
  if (event.authorization) {

The email claim is not added to access tokens by default.

Keep us posted!