SOLVED Can we add more information to the access token response we get during the OAuth flow?



  • We use a standard authorization code grant. We call into /oauth2/token and get back something like this:

    {
    "access_token":"...",
    "expires_in":86399,
    "refresh_token":"...",
    "token_type":"Bearer",
    "userId":"..."
    }
    

    We'd like to add some more properties to this JSON response. Is that possible?



  • That response is essentially defined by OAuth2 / OIDC as the token response. If you want to customize it, the best solution is to use a lambda to encode additional details in the access_token (JWT) and then at the client decode that value to extract the necessary claims.

    More on lambdas: https://fusionauth.io/docs/v1/tech/lambdas/jwt-populate