Get request body data in workflow
Hello,
I'm creating a workflow for M2MTokenGenerate event. When I make a call to the /oauth2/token endpoint, I'm also sending some data in the body, which I want in the generated M2M token. Can I get that data from the api in that workflow function parameters?
What I want is when my server is calling the API to get M2M token, I want a token with custom claims org_id and project_id which I'm sending in the request. Can I get that in the workflow function or not?
2 Replies
Hi, thank you for reaching out.
Let me check on my side regarding your question about retrieving custom data (such as
Thank you for your inquiry regarding the inclusion of custom data, such as
For more detailed information, you can refer to Kinde's documentation on M2M token generation workflow, M2M token binding, and token customization. Please let us know if you need further assistance or have additional questions.
org_id and project_id) from the request body in the workflow. I’ll review this and get back to you shortly.
Hi,Thank you for your inquiry regarding the inclusion of custom data, such as
org_id and project_id, from the request body into the generated M2M token within a Kinde workflow.
Currently, Kinde's M2M token generation workflow (m2m:token_generation) does not provide access to the raw request body parameters. The event object available in the workflow contains metadata like audience, scope, and the M2M application's clientId, but it does not expose arbitrary request body fields.
To include custom claims in M2M tokens, Kinde recommends utilizing application-level properties. You can define custom properties such as org_id and project_id on your M2M application within the Kinde dashboard. These properties can then be accessed and added as custom claims in the token using the kinde.m2mToken.setCustomClaim() method within the workflow.
If your use case requires dynamic data to be included in the token based on each request, the current workflow capabilities may not support this directly. As a workaround, consider encoding necessary information within the audience or scope fields of the token request, which are accessible in the workflow's event object. However, this approach has limitations and may not be suitable for all scenarios.For more detailed information, you can refer to Kinde's documentation on M2M token generation workflow, M2M token binding, and token customization. Please let us know if you need further assistance or have additional questions.
Ok, Thanks