Hello,
I apologies if this question has already been answered—I searched but couldn’t find a clear solution.
I’m integrating Auth0 with Oracle REST Data Services (ORDS) and would appreciate some guidance.
I call /authorize with the scope “openid email profile” so that I can later obtain extra user details from the /userinfo endpoint (per Auth0 docs: https://auth0.com/docs/api/authentication/user-profile/get-user-info )
The issue is when I request the openid scope, the resulting JWT token contains an array in the aud claim instead of a plain string value e.g.:
"aud": [ "ords/schema/", "https://<tenancy>.eu.auth0.com/userinfo"]
ORDS CREATE_JWT_PROFILE procedure expects a single VARCHAR2 value for p_audience. Because it receives an array instead, ORDS returns:
WWW-Authenticate: Bearer realm="Oracle REST Data Services", error="invalid_token"
Is there a way to pass to ORDS additional end-user information—beyond the default sub claim eg. auth0|3454522f10c9c…… that represents the auth0 userid ?
Thank you in advance for any suggestions or best practices.
Kind regards,
Alen