Following the steps in https://docs.oracle.com/en-us/iaas/Content/Identity/api-getstarted/custom-claims-token.htm
I've created a custom claim. This is what my request body looked like:
{
  "schemas": [
    "urn:ietf:params:scim:schemas:oracle:idcs:CustomClaim"
  ],
  "name": "awsmUserId",
  "value": "$user.urn:ietf:params:scim:schemas:idcs:extension:custom:User:awzmUserId",
  "expression": true,
  "mode": "always",
  "tokenType": "BOTH",
  "allScopes": true
}
And I set the value on the user custom attribute with a PATCH that looks like:
{
  "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
  "Operations": [
    {
      "op": "replace",
      "path": "urn:ietf:params:scim:schemas:idcs:extension:custom:User:awzmUserId",
      "value": "UR_AWZM!"
    }
  ]
}
And I get the response back confirming the value was set:
...
"urn:ietf:params:scim:schemas:idcs:extension:custom:User": {
  "awzmUserId": "UR_AWZM!"
},
...
When I log in, the access token does have the field, but it is always empty.
...
"user.tenant.name": "...",
"awzmUserId": "",
"idp_guid": "...",
...
What could I be doing wrong?
PS: This is a React SPA using Social login options with OCI IAM Domains.