I’m trying to create a custom claim in Access Token and doc reference to Okta Expression Language overview | Okta Developer. But this doc doesn’t mention anything about character set that’s allowed to be used. Like I I created a test custom claim “^test& with_space+” to play around and only got a vague error message of “user_claim_evaluation_failure”. Do we have any documents about what characters are allowed and not allowed? Like any of special characters is allowed? “!@#$%^&*()+<>?{}”
That worked fine for me. Since you’re trying to return a string, make sure you’re not using smart quotes (when I copy pasted from your example, it contained smart quotes) so that the string is evaluated correctly.
Thank you for the reply! Is the value always expected to be put within double quotes? Looks like if I put a half quote like ^test& with_space+” or without quote ^test& with_space+ it would fail.
Also do we have a document on what special character is disallowed?
depends on what you’re trying to return and if we’re able to convert it into a valid type on our side. Anecdotally I can say I’ve had custom claims that are in string, int, or list format (the lists usually coming from a group function)
I don’t know of a doc that covers special characters that are not permitted (I also don’t know if I’ve personally encountered a char that wasn’t able to be included in a valid string) but, with custom claims, I think its important to keep in mind that these values are meant to be returned as JSON (seeing as the J in JWT stands for JSON ), so they will need to be valid JSON types (you’ll see us escaping special chars for you in my below example)
Here are some examples of returning different types:
), so they will need to be valid JSON types (you’ll see us escaping special chars for you in my below example)
