Juan IgnacioG.93104 (Customer) asked a question.
Getting Facebook ID as an ID or Access Token claim
In our team we're exploring Okta support for Social Login, and we'd be interested on returning the Facebook ID (or any other IdP's external ID by that matter) as an ID or Access Token claim.
I've tried to add a new claim to the Authorization Server's configuration, but didn't manage so far to come up with the proper expression that returns this piece of data.
Examples of attempts we've made are: idpuser.id, idp.externalId, etc.
I can login with Facebook on our Okta org successfully, and through the Identity Providers API I can see that accounts have been linked successfully and that the Facebook ID has been saved.
What would be the right expression to get this info as a claim?
For sharing: you can't directly reference attributes from an external Identity Provider in a custom claim.
A possible solution to this is to create a custom attribute called "facebookId" on the User profile, then in the Identity Provider User Profile Mapping settings, map "appuser.externalId" to "facebookId", then create a custom claim that exposes "facebookId" instead.