Why isn't "Username" brought back in the token?

I am using the C# API package off NuGet, I really need the Username brought back in the token. Very surprised it is not?

AccessTokenResponse auth0Token2 = await auth0client.GetTokenAsync(new ResourceOwnerTokenRequest
{
    Username = "??",
    Password = "??",
    ClientId = "??",
    ClientSecret = "??",
    Audience = "http://somethinghere"
});

and I get back the token but it has no identifying info in it. I could care less if the username makes the token larger, we need the username in the token somehow. How can this be achieved?

Mike

Hi @mike.griffin,

The standard OIDC scopes and claims are documented here: https://auth0.com/docs/scopes/current/oidc-scopes

If you want a profile attribute that is not included with a standard scope, you’ll need to write a rule to add it to the token. If you are using a 3rd party identity provider, I believe you need to configure the additional claims at the IdP end.

Writing that rule is incredibly complex, do you guys have an example? We are using your provider, I would think this would take two seconds for you to show a quick example. As for me it’s going to take me probably a day because I’m already hours into this.

Hi @mike.griffin,

There are probably better ways to code this, but here’s an example rule that adds user.username to the idToken:

function (user, context, callback) {
  user.username = user.username || "";
  context.idToken['https://sso.yourdomain.com/username'] = user.username; 
  callback(null, user, context);
}

The namespace https://sso.yourdomain.com/ can be whatever you want (but not an Auth0 domain). Just needs to be a unique string.

Or if, say, you manage your own username in app_metadata:

function (user, context, callback) {
  user.app_metadata = user.app_metadata || {}; // Not sure if this is required?
  user.app_metadata.username = user.app_metadata.username || "";
  context.idToken['https://sso.yourdomain.com/username'] = user.app_metadata.username; 
  callback(null, user, context);
}

There are useful rule templates available in the Management Console and in this GitHub repo.
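
The first rule above and the client-side read of its claim, as an added example that is not part of the original posts or Auth0's own code: it runs the rule locally against a constructed user, signs the resulting claims with a throwaway RS256 key standing in for the tenant, and returns the username only after the signature verifies. The names `addUsername`, `runRule`, `signToken` and `readUsername`, the sample user and the key pair are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Namespaced claim key used by the rule in the answer above.
const CLAIM = 'https://sso.yourdomain.com/username';

// First rule from the answer, named so it can run outside Auth0.
function addUsername(user, context, callback) {
  user.username = user.username || '';
  context.idToken[CLAIM] = user.username;
  callback(null, user, context);
}

// Run the rule against a constructed user; returns the ID token claims.
function runRule(user) {
  const context = { idToken: {} };
  let claims;
  addUsername(user, context, (err, u, ctx) => {
    if (err) throw err;
    claims = ctx.idToken;
  });
  return claims;
}

const b64url = (data) => Buffer.from(data).toString('base64url');

// Stand-in for the tenant's RS256 signer (assumption: constructed key pair).
function signToken(claims, privateKey) {
  const input = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' })) +
    '.' + b64url(JSON.stringify(claims));
  return input + '.' + b64url(crypto.sign('RSA-SHA256', Buffer.from(input), privateKey));
}

// Client side: verify the signature, then read the claim by its full key.
// A real client also checks iss, aud and exp through its JWT library.
function readUsername(token, publicKey) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const header = JSON.parse(Buffer.from(parts[0], 'base64url'));
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(parts[0] + '.' + parts[1]),
    publicKey, Buffer.from(parts[2], 'base64url'));
  if (!ok) throw new Error('bad signature');
  return JSON.parse(Buffer.from(parts[1], 'base64url'))[CLAIM];
}

// Constructed sample user and throwaway key pair.
const keys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const token = signToken(runRule({ username: 'mgriffin' }), keys.privateKey);
console.log(readUsername(token, keys.publicKey));
```

The claim is read with the whole namespaced string as the key; a lookup under plain `username` returns nothing.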
