Adding multiple user attributes as a single claim to a scope

Questions
1

I created a scope called userAttributes
I created a custom claim called user_attributes

  • Type = Id tken based and always
  • value type = expression
  • express = Arrays.add({user.jobTitle, user.displayName, user.email, user.login})
  • include in scope userAttributes

when I do a preview of an id token on my client with openid and userAttributes indicated as scope. The claim doesn’t appear in the claims list

if I take the example Arrays.add({10, 20, 30}, 40) from the following page

The claim doesn’t appear in the claims list.

if I do just one attribute user.jobTitle it will show the claim user_attributes with a value of Developer.

I do not wish to create an individual claim for every single attribute I want out. How can I can a list of user attributes out as an array for one claim?

Thanks,

Angela

2

Hi @angela! Looks like we don’t have a way to do this at the moment. Although, the profile and email scope already includes more claims outside of openid - see 2.4. Scope Values in https://openid.net/specs/openid-connect-basic-1_0.html#StandardClaims and https://developer.okta.com/docs/reference/api/oidc/#scope-dependent-claims-not-always-returned.

For custom attributes, you can only list them as individual claims and then tie them to a specific scope. However, if you want to arrange them a certain way i.e., an array, then we may not cover this use case. I suggest adding this to our Ideas page https://support.okta.com/help/s/article/Okta-Ideas-Overview-FAQ.