Last active
October 31, 2016 08:44
Inject custom claims into an Auth0 JWT using a rule
Go to the settings page/section: Clients > ClientABC > Advanced Settings > advanced > Application Metadata
and add the metadata, e.g. Key: tenantId, Value: "tenant123"
Include the scope "app_metadata" when calling auth0.login, e.g. scope: 'openid offline_access app_metadata'
The tenantId is stored alongside the standard claims, e.g.

```
{
  "claims": {
    "iss": ...,
    "aud": ...,
    "app_metadata": {
      "tenantId": "tenant123"
    }
  }
}
```
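```javascript
function (user, context, callback) {
  // Make sure app_metadata exists before attaching the tenant id.
  user.app_metadata = user.app_metadata || {};
  // Clients without Application Metadata would otherwise throw here.
  var clientMetadata = context.clientMetadata || {};
  // Copy the tenantId configured on the client into the user's app_metadata.
  user.app_metadata.tenantId = clientMetadata.tenantId;
  callback(null, user, context);
}
```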