okta-nginx

Feature request: Support retrieving additional metadata via `/userinfo`

Open cognifloyd opened this issue 1 year ago • 3 comments

It would be nice to optionally retrieve additional claims that are only accessible via the `/userinfo` endpoint (e.g. if the ID groups claim is only accessible via the `/userinfo` endpoint instead of Always).

cognifloyd • Dec 05 '23 22:12

I understand the ask... but I am not seeing in the documentation where some claims are only accessible via /userinfo. Can you not just add the groups scope?

matthewdevenny • Dec 07 '23 20:12

For reference: if I understand correctly, you could get at these with additional scopes added to the scope query parameter: https://developer.okta.com/docs/reference/api/oidc/#scope-dependent-claims-not-always-returned

matthewdevenny • Dec 07 '23 20:12

You can set a custom claim on an auth server to only be accessible via `/userinfo`.

cognifloyd • Dec 08 '23 16:12
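
What the requested behaviour involves on the relying-party side, as an added example (not code from okta-nginx or from either commenter): fetch `/userinfo` with the access token, then merge the extra claims into the already-validated ID token claims only if `sub` matches, as OIDC Core 5.3.2 requires. The function names, the `PROTECTED` set and the sample claims are assumptions made for illustration; the endpoint URL is expected to come from the provider's discovery document.

```python
import json
import urllib.request

# Claims that must keep the validated ID token's values; a /userinfo response
# is typically plain JSON over TLS, not a signed token.
PROTECTED = {"iss", "aud", "exp", "iat", "nonce", "sub"}


def fetch_userinfo(userinfo_endpoint, access_token, timeout=5):
    """GET the UserInfo endpoint (from OIDC discovery) with a Bearer token."""
    if not userinfo_endpoint.startswith("https://"):
        raise ValueError("userinfo endpoint must use https")
    req = urllib.request.Request(
        userinfo_endpoint,
        headers={"Authorization": "Bearer " + access_token,
                 "Accept": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


def merge_userinfo(id_claims, userinfo):
    """Add /userinfo-only claims to already-validated ID token claims."""
    # OIDC Core 5.3.2: the UserInfo "sub" must exactly match the ID token
    # "sub"; otherwise the UserInfo values must not be used at all.
    if not userinfo.get("sub") or userinfo["sub"] != id_claims.get("sub"):
        raise ValueError("userinfo sub does not match ID token sub")
    merged = dict(id_claims)
    for name, value in userinfo.items():
        if name not in PROTECTED:  # never let /userinfo override iss, aud, exp...
            merged[name] = value
    return merged


# Constructed sample data (not taken from the issue).
ID_CLAIMS = {"iss": "https://idp.example/oauth2/default", "sub": "00u1example",
             "aud": "client-id-placeholder", "exp": 1701990000}
USERINFO = {"sub": "00u1example", "groups": ["Everyone", "ops"],
            "aud": "something-else"}

if __name__ == "__main__":
    print(merge_userinfo(ID_CLAIMS, USERINFO))
```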