AlexanderT.93793 (Customer) asked a question.
Hello,
We have a custom claim with a list of user groups, which are returned as part of the user info endpoint call. The user group itself is sourced from Active Directory.
Would it be possible to include a custom flag in the access token to indicate whether or not the group membership has changed for a user?
For example, if a user has been removed or added to a group, set the claim membership_changed: true. This will allow me to avoid an unnecessary user info endpoint calls to get group info.
That being said, I could include the group claim in the access token and this would avoid the situation altogether. However, I would like the group info to be returned as part of the user info endpoint call.
Thank you!
Hello @AlexanderT.93793 (Customer) Thank you for reacting out to our Community!
Please see our documentation below which should provide the answer to your question:
https://developer.okta.com/docs/guides/customize-tokens-groups-claim/main/#request-a-token-that-contains-the-custom-claim
My advice would be to leverage the Okta Developer forums for this type of questions and take advantage of their expertise.
https://devforum.okta.com/
The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.