831tc (831tc) asked a question.
How to get custom claims/mappings in /userinfo
Hi,
For the OIDC authorization code flow, when I make a request to /userinfo with the access token, it only returns these attributes;
- sub
- name
- locale
- preferred_username
- given_name
- family_name
- zoneinfo
- updated_at
- email_verified
However there are some extra attribute mappings on the app profile mapping. I can validate it via preview and see that user.primaryPhone is also mapped.
Additionally, I configured a custom claim as below. But still, I don't see this attribute in the response body returned from /userinfo endpoint. Is there anything I'm missing here ?
Image is not available
Hi @831tc (831tc),
Thank you for posting on the Okta community page!
I have done some research and I have managed to find the below documentation where it mentions that you should make sure that all the Scopes that contain the needed Claims are being requested with the ID Token since without being in the token, they will not appear when accessing the /userinfo endpoint:
My advice would be to also leverage the Okta Developer forums for this type of questions and take advantage of their expertise.
------------------------------------------------------------------------------------------------------------------------------------------------
Join us in the Oktane discussion group to connect with attendees or just stay connected to the event.
Thank you for your answer @flaviu.vrinceanu1.5628408972654734E12 (Customer Success Service Delivery)
I added openid profile email scopes to the request but response is still the same. Also posted this to devforum.