Fat Token with okta-mobile-swift SDK


Is there a way to get a “fat” token that includes “Nickname” profile field for example using the Okta Swift SDK ?
I’m providing “profile” scope and when calling Credential.default.userInfo I can see Nickname in the returned result but what I’d like to have is a JWT token with the Nickname included.

Found this guide but not sure how to achieve this using the SDK:

The Access token can be sent as a bearer token in the authorization header of userinfo request i.e. POST ${baseUrl}/oauth2/v1/userinfo, where base URL will be https://{yoursubdomain}.okta.com or https://{yoursubdomain}.okta.com.


At this time, Okta will never return a Fat ID Token if you are requesting both an ID token and an Access token in the same request (e.g. Hybrid flow or Authorization Code flow, which the Swift SDK is using). Per spec, Okta only makes these base profile claims available at the Userinfo endpoint.

If you are using a Custom Authorization Server, you could make a separate, custom claim to hold this Nickname value (it will need a unique claim name, of course) and set it to always be returned in the token. Then you could have the value returned in either the ID Token or the Access Token, as needed

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.