few-oyster-74399
07/24/2024, 2:22 PMfull_name
field to the userinfo oidc endpoint?chilly-king-10285
07/24/2024, 2:22 PMchilly-king-10285
07/24/2024, 2:23 PMfull_name
field to the userinfo OIDC endpoint, you can include it in the session.id_token
when accepting the consent request. Any information included in session.id_token
will also be included in the response from the userinfo endpoint. Here is an example of how you can do this using the Ory SDK in JavaScript: javascript import { Configuration, OAuth2Api } from "@ory/client" const ory = new OAuth2Api( new Configuration({ basePath: `https://${process.env.ORY_PROJECT_SLUG}.<http://projects.oryapis.com|projects.oryapis.com>`, accessToken: process.env.ORY_API_KEY, }), ) export async function acceptConsent(consentChallenge: string) { const { data } = await ory.getOAuth2ConsentRequest({ consentChallenge }) return await ory .acceptOAuth2ConsentRequest({ consentChallenge: consentChallenge, acceptOAuth2ConsentRequest: { session: { access_token: { some_custom_claim: "some_custom_value", }, id_token: { full_name: "John Doe", // Add the full_name field here }, }, }, }) .then(({ data }) => data) }
In this example, the full_name
field is added to the id_token
object in the session
object of the acceptOAuth2ConsentRequest
method. Replace "John Doe"
with the actual full name of the user. Please note that the /userinfo
endpoint is publicly available. Its contents are thus as visible as those of ID Tokens. It is therefore imperative to not expose sensitive information without user consent. For more information, you can refer to the [Ory documentation](https://www.ory.sh/docs/oauth2-oidc/userinfo-oidc#adding-custom-claims-to-the-userinfo-response).few-oyster-74399
07/24/2024, 2:24 PMchilly-king-10285
07/24/2024, 2:24 PMchilly-king-10285
07/24/2024, 2:24 PMgiven_name
and family_name
to form a full_name
field, you would need to modify your application logic where you accept the consent request. The full_name
field should be a combination of given_name
and family_name
fields. Here is an example of how you can do this using the Ory SDK in JavaScript: javascript import { Configuration, OAuth2Api } from "@ory/client" const ory = new OAuth2Api( new Configuration({ basePath: `https://${process.env.ORY_PROJECT_SLUG}.<http://projects.oryapis.com|projects.oryapis.com>`, accessToken: process.env.ORY_API_KEY, }), ) export async function acceptConsent(consentChallenge: string) { const { data } = await ory.getOAuth2ConsentRequest({ consentChallenge }) const fullName = `${data.context.given_name} ${data.context.family_name}` return await ory .acceptOAuth2ConsentRequest({ consentChallenge: consentChallenge, acceptOAuth2ConsentRequest: { session: { access_token: { some_custom_claim: "some_custom_value", }, id_token: { full_name: fullName, // Add the full_name field here }, }, }, }) .then(({ data }) => data) }
In this example, the full_name
field is created by concatenating given_name
and family_name
from the consent request context. This full_name
is then added to the id_token
object in the session
object of the acceptOAuth2ConsentRequest
method. Please note that the /userinfo
endpoint is publicly available. Its contents are thus as visible as those of ID Tokens. It is therefore imperative to not expose sensitive information without user consent. For more information, you can refer to the [Ory documentation](https://www.ory.sh/docs/oauth2-oidc/userinfo-oidc#adding-custom-claims-to-the-userinfo-response).