WebAuth with CustomClaim

Following the documentation here:

I have ensured the custom rule is created and enabled in order to return the user_metadata / app_metadata via scopes using Auth0 WebAuth call


var webAuth = new auth0.WebAuth({
domain: ‘[Domain]’,
clientID: ‘[Client]’,
responseType: ‘token id_token’,
audience: ‘[domain]/userinfo’,
scope: ‘openid profile email app_metadata user_metadata’,
redirectUri: “

function handleAuthentication() {
webAuth.parseHash(function(err, authResult) {
if (authResult && authResult.accessToken && authResult.idToken) {
window.location.hash = ‘’;
} else if (err) {

function setSession(authResult) {
// Set the time that the Access Token will expire at
var expiresAt = JSON.stringify(
authResult.expiresIn * 1000 + new Date().getTime()
localStorage.setItem(‘access_token’, authResult.accessToken);
localStorage.setItem(‘id_token’, authResult.idToken);
localStorage.setItem(‘expires_at’, expiresAt);

webAuth.client.userInfo(localStorage.getItem(‘access_token’), (err, profile) => {
if (profile) {
localStorage.setItem(‘profile’, JSON.stringify(profile));

Checking authResult and the profile neither return the custom claim.

Apologies. I hit save a little premature

In that the scope returned only inludes the default entries: openid profile email and not app_metadata or profile_metadata.

I have also checked: Application > [NAME] > Advanced > OAuth > OIDC Conformant This setting is switched off.

Still no luck.

The Auth0 version I am using: https://cdn.auth0.com/js/auth0/9.5.1/auth0.min.js

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?