Name and Email in Access Token claims not reaching the resource server
See original GitHub issueI can get access and id tokens from my auth server. Both tokens include the name and email claims. The access token is added to the header for making calls to the resource server. The resource server uses introspection to validate the token.
The user is authenticated as expected. So I try to get the name and email for the user by doing:
var data = new {
Email = User.GetClaim(OpenIdConnectConstants.Claims.Email),
Name = User.Identity.Name
};
But both properties are null. This the ClaimsPrincipal:
There are only 8 claims and none of them and the email and name.
Where and how can I get these claims in the resource server?
Issue Analytics
- State:
- Created 3 years ago
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Not getting user "email" as a claim (from jwt token) back ...
If the User has a name claim or email claim -> it should get added to the access token. Result contents access token...
Read more >Can I trust the access token sub claim for identifying user?
I am developing a browser extension that needs to authenticate with a Java Spring based api. The api needs to be able to...
Read more >API authorization with resource servers and OAuth 2.0 ...
It verifies the issuer based on the token signature, validity based on token expiration, and access level based on the scopes in token...
Read more >Access token claims reference - Microsoft Entra
Claims reference with details on the claims included in access tokens issued by the Microsoft identity platform.
Read more >What Are Scopes and Claims? A Short Overview
Scopes are often described as a mechanism to limit the access of the requesting party to the user's resources.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
It works with scopes.
You can use scopes for that. Take a look at the samples to see how it’s done.