[Auth0 Web Connector] Users without a username & email are created

Forge Component
(2)
Published on 2019-01-14 by Craig St.Jean
2 votes
Published on 2019-01-14 by Craig St.Jean

I'm testing this great component and it almost works.

When I access the Auth0WebDemo web screen I get the Auth0 login screen.

I fill in my username / password and get access to the web screen.

Side effect is that every time I login a new (identical) OutSystems user is created with only the Name attribute filled in.

I added a LogMessage to see the contents of the JWT and it looks like this:

Auth0 JWT token :[{"Claim":{"Name":"nickname","Value":"******.********"}},{"Claim":{"Name":"name","Value":"R******* V*******"}},{"Claim":{"Name":"picture","Value":"https://s.gravatar.com/avatar/ea90a8198d68708a928dd79db4b842aa?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fra.png"}},{"Claim":{"Name":"updated_at","Value":"\"2020-02-03T14:24:21.941Z\""}}

So it looks like Auth0 is not adding the email address to the JWT and the GetEmail Server Action ends up with an empty email value causing the creation of (another) empty user in OutSystems.

Do I need to configure something in Auth0 so the needed information is added to the JWT?




Solution

I found the resolution myself.

In the GetRedirectURL the AdditionalScopes must contain the value "email"

See: "https://auth0.com/docs/scopes/current/oidc-scopes#standard-claims"

Solution