Auth0 ignores scope option

Question

I have created React application with auth0 using this guide https://auth0.com/docs/quickstart/spa/react/01-login

Everything works fine. But now I want to get user metadata in my React app. I have extended my Auth0Client constructor with scope field, but it doesn't help.

  const auth0FromHook = await createAuth0Client({
    domain,
    client_id: clientId,
    redirect_uri: `${window.location.origin}/auth`,
    response_type: 'id_token token',
    ui_locales: 'ru',
    audience,
    scope: 'openid profile email user_metadata',
  });

I don't see user_metadata scope in token from Auth0: Where should I write scope field to make Auth0 return user_metadata?

P.S ui_locales also doesn't work. But I see it in docs https://auth0.github.io/auth0-spa-js/interfaces/auth0clientoptions.html#scope

Answer 1

You are not getting user_metadata back because it's not a standard scope.

A workaround is to add user_metadata to the token from an Auth0 rule like this:

// assumes you want to add this to the access token
context.accessToken['https://example.com/user_metadata'] = user.user_metadata;

More reading on adding custom claims to tokens: https://auth0.com/docs/api-auth/tutorials/adoption/scope-custom-claims#custom-claims