What is the scope for the custom claims?

OpenID Connect Core 1.0 spec lists 4 scopes with the lists of claims you get when you ask for one of the scopes. I assume Auth0 is following this spec, and my testing so far showed positive signs.

But if you add custom claims (as per this auth0 doc ), do they always get added no matter the scope that has been requested?

Hey there. No, you can always use Rules to modify what gets added and what gets removed.

1 Like