I have a NextJS project that's using NextAuth. It works fine when I use the default scopes. However, my project requires additional claims, and you can see the supported scopes here.
    "scopes_supported": [
        "openid",
        "offline_access",
        "iss",
        "address",
        "email",
        "phone",
        "profile",
        "external_groups",
        "access_roles",
        "tenant",
        "groups",
        "identity_provider",
        "linked_identity",
        "amr",
        "custom_claims",
        "provider_claims"
    ],
I use the config below to fetch those custom claims:

    authorization: { params: { scope: 'openid profile email external_groups access_roles groups custom_claims provider_claims' } },
However, I do not see any custom claims, and default claims are being returned. You can reproduce the error with this code: https://github.com/pavankjadda/next-auth-demo
So the issue is that NextAuth is not returning user data. I had to overwrite the userInfo endpoint by passing the access_token to get the required data:
    userinfo: {
        url: 'https://auth.ncats.nih.gov/_api/v2/auth/NCI-CCR-TEST/me',
        async request(context) {
            return await context.client.userinfo(context.tokens?.access_token ?? '');
        },
    },
Note: Make sure to remove unnecessary scopes from authorization, as they will increase the cookie that is being sent to the Auth server:

    authorization: { params: { scope: 'openid profile email' } },
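
An added example (not part of the original answer and not NextAuth's own code): once the userinfo override returns the extra claims, the `jwt` and `session` callbacks can copy only an allow-list of them into the session, so the cookie carries no more identity data than the app needs. The claim names, `MAX_GROUPS` and the sample profile are assumptions; the helpers are plain functions so the block runs in Node without `next-auth`.

```javascript
// Claim names are assumptions: check what the userinfo endpoint really returns.
const ALLOWED_CLAIMS = ['sub', 'email', 'name', 'groups', 'access_roles'];
const MAX_GROUPS = 25; // assumed cap on list-valued claims

// Copy only allow-listed, flat claims from the userinfo profile.
function pickClaims(profile, allowed = ALLOWED_CLAIMS) {
  const out = {};
  for (const key of allowed) {
    const value = profile?.[key];
    if (value === undefined || value === null) continue;
    if (Array.isArray(value)) {
      // Keep strings only, drop duplicates, cap the length.
      const strings = value.filter((v) => typeof v === 'string');
      out[key] = [...new Set(strings)].slice(0, MAX_GROUPS);
    } else if (['string', 'number', 'boolean'].includes(typeof value)) {
      out[key] = value;
    } // nested objects are dropped
  }
  return out;
}

// Same argument shape as NextAuth's `jwt` callback.
// `profile` is only passed on the first call after sign-in.
function jwtCallback({ token, profile }) {
  if (profile) token.claims = pickClaims(profile);
  return token;
}

// Same argument shape as NextAuth's `session` callback.
function sessionCallback({ session, token }) {
  session.user = { ...session.user, ...(token.claims ?? {}) };
  return session;
}

// Rough size of the JSON payload before it is encoded into the cookie.
function payloadBytes(obj) {
  return Buffer.byteLength(JSON.stringify(obj), 'utf8');
}

// Constructed sample userinfo response (not real data).
const sampleProfile = {
  sub: 'user-123', email: 'user@example.org', name: 'Sample User',
  groups: ['admins', 'admins', 'readers'], access_roles: ['viewer'],
  provider_claims: { raw: 'x'.repeat(3000) }, address: { street: '1 Example St' },
};

// Wiring in the NextAuth options (assumed usage):
//   callbacks: { jwt: jwtCallback, session: sessionCallback }
```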