Auth0
  • 02 Aug 2023

Initial Setup Example

Please note: the following steps, examples, and screenshots might differ according to your Auth0 Management Console version; they are here to illustrate the overall setup process.

In Auth0 Management UI:

  1. Create an account.
  2. Create an application (Machine to Machine).
  3. Configure IDP settings in the Tenant.
  4. Create a rule for adding the PlainID claim to the Id Token.

Add a Rule to Inject the PlainID Claim

Create a rule to add the custom claim to the Access Token:

  1. On the Auth0 Management UI menu, go to Auth Pipeline -> Rules.

  2. Click on Create to create a rule.

  3. Click on <> Empty Rule.

  4. Give the rule a name and add the following JavaScript code:

function(user, context, callback) {
    // Attach the claims object to the context so the added claims reach the token
    context.accessToken = context.accessToken || {};
    // user_metadata is absent for users that have none; fall back to an empty object
    for (const [key, value] of Object.entries(user.user_metadata || {})) {
        console.log(`${key}: ${value}`);
        // adding claims to the access token
        context.accessToken[`https:${key}`] = value;
    }
    return callback(null, user, context);
}

  5. Click Save Changes.
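
An allowlisted variant of the rule above with a small local harness, as an added example that is not PlainID's or Auth0's own code: it copies only named metadata keys instead of every entry in user_metadata, and it tolerates users with no metadata. The function names, the keys in ALLOWED_KEYS and the sample user are assumptions made for illustration.

```javascript
// Added example. ALLOWED_KEYS is a hypothetical list; replace it with the keys your policies use.
function addPlainIdClaims(user, context, callback) {
    const ALLOWED_KEYS = ['department', 'region'];
    const isScalar = (v) => ['string', 'number', 'boolean'].includes(typeof v);
    const metadata = user.user_metadata || {}; // absent for users with no metadata
    context.accessToken = context.accessToken || {};

    for (const key of ALLOWED_KEYS) {
        if (!Object.prototype.hasOwnProperty.call(metadata, key)) continue;
        const value = metadata[key];
        // Forward scalars or flat arrays of scalars; skip nested objects and null.
        const ok = isScalar(value) || (Array.isArray(value) && value.every(isScalar));
        if (ok) context.accessToken[`https:${key}`] = value; // same prefix as the page's rule
    }
    return callback(null, user, context);
}

// Local harness: run the rule on a constructed user and return the claims it set.
function claimsFor(user) {
    let claims = null;
    addPlainIdClaims(user, { accessToken: {} }, (err, u, ctx) => {
        if (err) throw err;
        claims = ctx.accessToken;
    });
    return claims;
}

// Constructed sample user (not real data): two allowlisted keys, two that must be dropped.
const sampleUser = {
    user_metadata: { department: 'finance', region: ['eu', 'us'], role: 'admin', nested: { a: 1 } },
};
console.log(claimsFor(sampleUser));
```

Only addPlainIdClaims goes into the Auth0 rule editor; claimsFor and sampleUser exist for local testing. Keys that drive authorization decisions are safer sourced from attributes the end user cannot edit; the scope list in the response example on this page includes update:current_user_metadata.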

Auth0 IDP token endpoint example

Request example with password-realm grant type

curl --location --request POST 'https://CLIENT_AUTH0_URL/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=http://auth0.com/oauth/grant-type/password-realm' \
--data-urlencode 'client_id=AUTH0_APP_CLIENT_ID' \
--data-urlencode 'client_secret=AUTH0_APP_CLIENT_SECRET' \
--data-urlencode 'audience=APP_AUDIENCE' \
--data-urlencode 'realm=DATABASE_REALM_NAME' \
--data-urlencode 'scope=openid email offline_access' \
--data-urlencode 'username=AUTH0_USER_TO_AUTHENTICATE' \
--data-urlencode 'password=AUTH0_USER_PASSWORD'

Response example

{
    "access_token": "ey..",
    "refresh_token": "MgyG83LVPm5KEVKH1gQnd4p31IvJDhGTV-9ive6O1G6X5",
    "id_token": "ey..",
    "scope": "openid email read:current_user update:current_user_metadata delete:current_user_metadata create:current_user_metadata create:current_user_device_credentials delete:current_user_device_credentials update:current_user_identities offline_access",
    "expires_in": 3600,
    "token_type": "Bearer"
}
