Non-restricted claims can be overwritten. The transaction will not fail, but the claim will not be added to your token. Other than /userinfo, any attempt to set a private, non-namespaced custom claim on an access token where the audience is an Auth0 API will be ignored to avoid collision with internal services or standards. The exception to this restriction is the Auth0 Authentication API /userinfo endpoint. Only specified OIDC user profile claims can be added to access tokensĪuth0 also restricts the creation of private, non-namespaced custom claims on access tokens in which the audience is an Auth0 API. OPENID standard claims or claims used internally by Auth0 cannot be customized or modifiedĪccess tokens with an Auth0 API audience, excluding the /userinfo endpoint, cannot have private, non-namespaced custom claims The token should now be among your asset list.Auth0 applies the following restrictions to custom claims:Ĭustom claims payload is set to a maximum of 100KB
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |