How to include user specific custom claim in client credentials token

chandramoulip24 · January 11, 2024, 5:33pm

Hello everyone, We have an .NET MVC application and a REST API. We are using the OKTA for the token based authentication (CLIENT CREDENTIALS FLOW) in between MVC controller to REST API.

We are using below URL to generate the token
https://{MyDomain}.okta.com/oauth2/{MyAppIdInOkta}/v1/token

We want to get the user specific claims using the token generated using above process.

Is it possible? If yea please help me with the process.
Otherwise please suggest the alternative approach to achieve this.

Thank you.

andrea · January 11, 2024, 5:36pm

This is not possible or supported. When using Client Credentials grant, there is no user context available, so there is no way to access user profile attributes.

If your integration requires claims specific to individual users, you will want to use a user-based OAuth flow instead (e.g. Authorization Code Flow).

If your integration just needs to receive additional claims specific to the client used, you could look to set up application profile attributes that can be pulled into a claim, as described here: How to Get OIDC/OAuth Application Attributes Like Name or Label as Claims in id_token/access Token | Okta Help Center

system · February 11, 2024, 8:59am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Post		Replies	Views
Custom Claims for Client Credentials Questions	2	5618	February 14, 2020
Fill access token claim with attribute of application OAuth/OIDC	9	5270	June 6, 2023
Custom claims in the client_credentials access token Questions	3	6347	November 11, 2020
Does Okta support Client-Level Claims when used for OpenID Connect OAuth/OIDC	4	7449	July 16, 2019
How to generate user specific token for server-server integration? OAuth/OIDC	8	649	June 4, 2024

How to include user specific custom claim in client credentials token

Related topics