I added a new user to my application and wanted to define them as an admin. To achieve this, I created a new attribute called “userType” in the claims of my application’s account. However, when I console log the authState in my application, I cannot see the “userType” attribute, and I’m not sure why. Oddly, I was able to see it the first time I created this attribute, but now it seems to be missing.
Hm. Are you using the Org Authorization Server (issuer == “https://oktaDomain”) or a Custom Authorization Server (issuer == "https://oktaDomain/oauth2/aus1234567890)?
If you’re using a custom authorization server, you’d need to add custom claims on your server so that this information can be returned in the user’s tokens, but, as you configured this in the application profile, the org authorization server should do this automatically as long as you request the profile scope, as described here: How to add custom attributes of user profile as claims in token | Okta Help Center
Note that if you are using Authorization Code flow or are otherwise receiving both the ID Token and Access Token in the same OIDC flow, you’ll need to send the Access Token to the /userinfo endpoint to receive these claims. More info here: Okta Groups or Attribute Missing from ID Token | Okta Help Center
1 Like