Getting custom information from the hosted login pages into the JWT

dan

How can I add in custom claims in to the JWT based on a custom login field or other parameters on the login form?

I have a parameter/variable that can change between each login (like a device id) and want it to be in the access token.

dan

This is not available today without some glue code.

Currently our suggestion is to use Javascript on the Login page to jam the claim into a meta field that is shown on a Webhook payload, like jamming stuff into event.info.deviceDescription .

Then you create user.login.success webhook, making sure it is transactional. On login, the event is fired that off to your system and then you extract the claim off the event.info.deviceDescription field and make a PATCH call to FusionAuth. In that PATCH call, you add this to a field on user.data.x.

Then once that PATCH is successful, the 200 response back to the user.login.success event which completes the login and triggers the JWT populate lambda. That lambda extracts the claim off the user.data.x field and puts it into the JWT.

It's not pretty but it is the only way to have this work for now. (For self-service registration you can use a custom hidden field, much easier.)

Relevant docs:

• https://fusionauth.io/docs/extend/code/lambdas/jwt-populate
• https://fusionauth.io/docs/extend/events-and-webhooks/events/user-login-success
• https://fusionauth.io/docs/apis/users#update-a-user