We are using Client Credentials flow for machine-to-machine communication.
We want to add a new claim to the access token that contains a custom attribute that’s assigned to our application.
I have added a custom attribute called “orgId” to our application. It is mapped to a static string via the “Mappings” section.
In the authorization server section I have added a new claim called “orgId” with the expression “app.$orgId”.
Unfortunately, when I obtain an access token, the new claim is not present.
When I assign a static string to the claim, then the claim is present in the access token.
How can I get an attribute assigned to an application into a claim?
How did you add the custom attribute to your application, as part of the user profile?
As an access token generated via Client Credentials flow does not have a user scope, you will instead need to add a custom attribute to the Application Profile itself (not the User Application Profile).
Current status for the request for UI support is “Product Review”, so yes, you can still only access this data by API.
Someone from the Product Management team at Okta has recently reviewed this Idea and has chosen to keep it under consideration for Product Review. This means that while it’s not on the roadmap yet, it’s still top of mind for us as we build out our future plans.
Thank you so much for the feedback. We’ll be sure to update this item once per quarter. In the meantime, please continue to add any additional comments, clarifications, and general feedback.
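As an illustration of the answer above (setting the attribute on the Application Profile through the API, then checking the token), here is an added example that is not part of the original thread and is not Okta's own code. It assumes the Apps API (`GET`/`PUT /api/v1/apps/{id}` with an `SSWS` API token) accepts the app object with a `profile` object added, and that the claim expression then reads the value as `app.profile.orgId`; the function names, app ID and tokens are constructed for the example.

```python
import base64
import json
import urllib.request

def build_profile_update(app, attrs):
    """Body for PUT /api/v1/apps/{id}: the app as returned by GET, with attrs
    merged into the app-level "profile" (not the per-user app profile)."""
    body = {k: v for k, v in app.items() if not k.startswith("_")}  # drop _links etc.
    body["profile"] = {**(app.get("profile") or {}), **attrs}
    return body

def put_app(org_url, api_token, body):
    """Send the update; org_url and api_token are caller-supplied placeholders."""
    req = urllib.request.Request(
        f"{org_url}/api/v1/apps/{body['id']}",
        data=json.dumps(body).encode(),
        method="PUT",
        headers={"Authorization": f"SSWS {api_token}",
                 "Content-Type": "application/json",
                 "Accept": "application/json"},
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)

def jwt_claims(token):
    """Decode the payload segment for inspection only (no signature check)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def has_claim(token, name):
    """True if the access token payload carries the named claim."""
    return name in jwt_claims(token)

def _token(claims):
    """Build an unsigned, constructed token for the offline demo."""
    seg = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([seg({"alg": "RS256"}), seg(claims), "sig"])

# Constructed sample data, not taken from a real org.
SAMPLE_APP = {"id": "0oaEXAMPLE", "name": "oidc_client", "label": "m2m-service",
              "signOnMode": "OPENID_CONNECT", "_links": {}}
TOKEN_WITH = _token({"sub": "0oaEXAMPLE", "orgId": "org-123"})
TOKEN_WITHOUT = _token({"sub": "0oaEXAMPLE"})

if __name__ == "__main__":
    print(json.dumps(build_profile_update(SAMPLE_APP, {"orgId": "org-123"}), indent=2))
    print(has_claim(TOKEN_WITH, "orgId"), has_claim(TOKEN_WITHOUT, "orgId"))
```

`jwt_claims` is for inspecting a token you just requested; a resource server must still validate the signature, issuer and audience before trusting `orgId`.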