auth0/go-auth0

ExtraParameters field passed with LoginWithClientCredentialsRequest not used

Closed this issue · 1 comments

Checklist

  • I have looked into the README and have not found a suitable solution or answer.
  • I have looked into the documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have upgraded to the latest version of this SDK and the issue still persists.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Description

We are trying to pass some additional data with the client credentials request so that we can use the flows to expand the access token with custom claims.

ExtraParameters is documented as properties that will be included with the request.

	ts, err := p.authenticationClient.OAuth.LoginWithClientCredentials(ctx,
		auth0OAuth.LoginWithClientCredentialsRequest{
			ClientAuthentication: auth0OAuth.ClientAuthentication{
				ClientID:     p.serviceClientID,
				ClientSecret: p.serviceClientSecret,
			},
			Audience: "https://platform.wunderkind.co",
			ExtraParameters: map[string]string{
				// We pass this value so that we can manipulate the token
				"service-account-email":  email,
				"service-account-userid": userID,
			},
		},
		auth0OAuth.IDTokenValidationOptions{},
	)

I've confirmed through the code that ExtraParameters appears to only be used with the LoginWithPassword.

So the request body sent is

	audience={audience}&client_id={client_id}&client_secret={secret}&grant_type=client_credentials

Expectation

The parameters defined in ExtraParameters should be included in the body of the client_credentials request:

	audience={audience}&client_id={client_id}&client_secret={secret}&grant_type=client_credentials&service-account-email={email}&service-account-userid={userid}

Upon testing manually, those extra parameters, if sent like this, are available in the M2M flow, and it allows me to add them to the access token custom claims.

Reproduction

Using the Go package, make a request using the LoginWithClientCredentials while including the ExtraParameters property set in

	ts, err := p.authenticationClient.OAuth.LoginWithClientCredentials(ctx,
		auth0OAuth.LoginWithClientCredentialsRequest{
			ClientAuthentication: auth0OAuth.ClientAuthentication{
				ClientID:     p.serviceClientID,
				ClientSecret: p.serviceClientSecret,
			},
			Audience: "https://platform.wunderkind.co",
			ExtraParameters: map[string]string{
				// We pass this value so that we can manipulate the token
				"service-account-email":  email,
				"service-account-userid": userID,
			},
		},
		auth0OAuth.IDTokenValidationOptions{},
	)

when the request is sent, the body of the request will not include the

Auth0 Go SDK version

1.4.0

Hi @weirdian2k3,

Great news! The issue has been fixed in version 1.5.0. Please take a moment to review, and feel free to reach out if you encounter any further issues.
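
A way to check the behaviour discussed in this issue, added here as an example and not code from go-auth0 or from the reporter: it builds the form body the issue expects and inspects a captured token request body for the extra parameters, for example after upgrading the SDK. `buildBody`, `missingExtras`, the rejection of extras that collide with a standard field, and all sample values are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/url"
	"sort"
)

// Standard fields of the client_credentials body shown in the issue.
var standard = map[string]bool{"audience": true, "client_id": true, "client_secret": true, "grant_type": true}

// buildBody is a hypothetical helper (not go-auth0 code) that produces the body
// the issue expects, refusing extras that would overwrite a standard field.
func buildBody(clientID, secret, audience string, extra map[string]string) (string, error) {
	v := url.Values{"grant_type": {"client_credentials"}, "client_id": {clientID}, "client_secret": {secret}, "audience": {audience}}
	for k, val := range extra {
		if standard[k] {
			return "", fmt.Errorf("extra parameter %q collides with a standard field", k)
		}
		v.Set(k, val)
	}
	return v.Encode(), nil // Encode sorts keys, which matches the order in the issue
}

// missingExtras parses a captured request body and returns, sorted, the extra
// keys that are absent from it or carry a different value.
func missingExtras(body string, extra map[string]string) ([]string, error) {
	got, err := url.ParseQuery(body)
	if err != nil {
		return nil, err
	}
	missing := []string{}
	for k, want := range extra {
		if vals := got[k]; len(vals) != 1 || vals[0] != want {
			missing = append(missing, k)
		}
	}
	sort.Strings(missing)
	return missing, nil
}

func main() {
	extra := map[string]string{"service-account-email": "svc@example.com"} // constructed sample
	body, _ := buildBody("cid", "s3cret", "https://api.example.test", extra)
	reported := "audience=a&client_id=cid&client_secret=s3cret&grant_type=client_credentials"
	ok, _ := missingExtras(body, extra)
	bad, _ := missingExtras(reported, extra)
	fmt.Println(ok, bad)
}
```

To use it against a real client, point the SDK at a local test server, capture the POST body it sends to the token endpoint, and pass that string to `missingExtras`.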