Disallowed character set in Okta Expression Language

I’m trying to create a custom claim in Access Token and doc reference to Okta Expression Language overview | Okta Developer. But this doc doesn’t mention anything about character set that’s allowed to be used. Like I I created a test custom claim “^test& with_space+” to play around and only got a vague error message of “user_claim_evaluation_failure”. Do we have any documents about what characters are allowed and not allowed? Like any of special characters is allowed? “!@#$%^&*()+<>?{}”

Thank you!

That worked fine for me. Since you’re trying to return a string, make sure you’re not using smart quotes (when I copy pasted from your example, it contained smart quotes) so that the string is evaluated correctly.

1 Like

Thank you for the reply! Is the value always expected to be put within double quotes? Looks like if I put a half quote like ^test& with_space+” or without quote ^test& with_space+ it would fail.

Also do we have a document on what special character is disallowed?

Thank you Andrea!

depends on what you’re trying to return and if we’re able to convert it into a valid type on our side. Anecdotally I can say I’ve had custom claims that are in string, int, or list format (the lists usually coming from a group function)

I don’t know of a doc that covers special characters that are not permitted (I also don’t know if I’ve personally encountered a char that wasn’t able to be included in a valid string) but, with custom claims, I think its important to keep in mind that these values are meant to be returned as JSON (seeing as the J in JWT stands for JSON :wink: ), so they will need to be valid JSON types (you’ll see us escaping special chars for you in my below example)

Here are some examples of returning different types:

Hope that helps!

1 Like

This is great! Thank you Andrea!!

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.