To add a

full_name

field to the userinfo OIDC endpoint, you can include it in the

session.id_token

when accepting the consent request. Any information included in

session.id_token

will also be included in the response from the userinfo endpoint. Here is an example of how you can do this using the Ory SDK in JavaScript:

javascript import { Configuration, OAuth2Api } from "@ory/client"      const ory = new OAuth2Api(     new Configuration({       basePath: `https://${process.env.ORY_PROJECT_SLUG}.<http://projects.oryapis.com|projects.oryapis.com>`,       accessToken: process.env.ORY_API_KEY,     }),   )      export async function acceptConsent(consentChallenge: string) {     const { data } = await ory.getOAuth2ConsentRequest({ consentChallenge })        return await ory       .acceptOAuth2ConsentRequest({         consentChallenge: consentChallenge,         acceptOAuth2ConsentRequest: {           session: {             access_token: {               some_custom_claim: "some_custom_value",             },             id_token: {               full_name: "John Doe",  // Add the full_name field here           },           },         },       })       .then(({ data }) => data)   }

In this example, the

full_name

field is added to the

id_token

object in the

session

object of the

acceptOAuth2ConsentRequest

method. Replace

"John Doe"

with the actual full name of the user. Please note that the

/userinfo

endpoint is publicly available. Its contents are thus as visible as those of ID Tokens. It is therefore imperative to not expose sensitive information without user consent. For more information, you can refer to the [Ory documentation](https://www.ory.sh/docs/oauth2-oidc/userinfo-oidc#adding-custom-claims-to-the-userinfo-response).

To concatenate

given_name

and

family_name

to form a

full_name

field, you would need to modify your application logic where you accept the consent request. The

full_name

field should be a combination of

given_name

and

family_name

fields. Here is an example of how you can do this using the Ory SDK in JavaScript:

javascript import { Configuration, OAuth2Api } from "@ory/client"  const ory = new OAuth2Api(   new Configuration({     basePath: `https://${process.env.ORY_PROJECT_SLUG}.<http://projects.oryapis.com|projects.oryapis.com>`,     accessToken: process.env.ORY_API_KEY,   }), )  export async function acceptConsent(consentChallenge: string) {   const { data } = await ory.getOAuth2ConsentRequest({ consentChallenge })    const fullName = `${data.context.given_name} ${data.context.family_name}`    return await ory     .acceptOAuth2ConsentRequest({       consentChallenge: consentChallenge,       acceptOAuth2ConsentRequest: {         session: {           access_token: {             some_custom_claim: "some_custom_value",           },           id_token: {             full_name: fullName,  // Add the full_name field here           },         },       },     })     .then(({ data }) => data) }

In this example, the

full_name

field is created by concatenating

given_name

and

family_name

from the consent request context. This

full_name

is then added to the

id_token

object in the

session

object of the

acceptOAuth2ConsentRequest

method. Please note that the

/userinfo

endpoint is publicly available. Its contents are thus as visible as those of ID Tokens. It is therefore imperative to not expose sensitive information without user consent. For more information, you can refer to the [Ory documentation](https://www.ory.sh/docs/oauth2-oidc/userinfo-oidc#adding-custom-claims-to-the-userinfo-response).