Why isn't "Username" brought back in the token?

mike.griffin · February 13, 2019, 3:28pm

I am using the C# API packet off NuGet, I really need the Username brought back in the token. Very surprised it is not?

AccessTokenResponse auth0Token2 = await auth0client.GetTokenAsync(new ResourceOwnerTokenRequest
{
Username = “??”,
Password = “??”,
ClientId = “??”,
ClientSecret = “??”,
Audience = “http://somethinghere”
});

and I get back the token but it has no identifying info in it. I could care less if the username makes the token larger, we need the username in the token somehow. How can this be achieved?

Mike

markd · February 13, 2019, 3:55pm

Hi @mike.griffin,

The standard OIDC scopes and claims are documented here: OpenID Connect Scopes

If you want a profile attribute that is not included with a standard scope, you’ll to write a rule to add it to the token. If you are using a 3rd party identity provider, I believe you need to configure the additional claims at the IdP end.

mike.griffin · February 13, 2019, 4:12pm

Writing that rule is incredibly complex, do you guys have an example? We are using your provider, I would think this would take two seconds for you show a quick example. As for me it’s going to take me probably a day because I’m already hours into this

markd · February 13, 2019, 4:51pm

Hi @mike.griffin,

There are probably better ways to code this, but here’s an example rule that adds user.username to the idToken:

function (user, context, callback) {
  user.username = user.username || "";
  context.idToken['https://sso.yourdomain.com/username'] = user.username; 
  callback(null, user, context);
}

The namespace https://sso.yourdomain.com/ can be whatever you want (but not an Auth0 domain). Just needs to be a unique string.

Or if, say, you manage your own username in app_metadata:

function (user, context, callback) {
  user.app_metadata = user.app_metadata || {}; // Not sure if this is required?
  user.app_metadata.username = user.app_metadata.username || "";
  context.idToken['https://sso.yourdomain.com/username'] = user.app_metadata.username; 
  callback(null, user, context);
}

There are useful rule templates available in the Management Console and in this Github repo.

system · August 29, 2019, 10:54am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to Retrieve Username with Auth0-spa-js Help	12	7873	March 9, 2020
How to include the username in the ID token Help	3	2112	September 30, 2021
Id token, IdP provided user information and the Authorization Extension Help authentication-api , profile , authorization-extens , login	2	4401	August 30, 2019
Azure API Management with Auth0 OIDC Help azure , auth0-api	5	4869	March 2, 2018
Get username with auth0 react sdk Help auth0-rules	2	3623	August 21, 2020

Why isn't "Username" brought back in the token?

Related Topics