2016-02-11 20:24:34 +00:00
.. _claims:
Standard Claims
###############
This subset of OpenID Connect defines a set of standard Claims. They are returned in the UserInfo Response.
2016-09-19 20:38:17 +00:00
The package comes with a setting called `` OIDC_USERINFO `` , basically it refers to a function that will be called with `` claims `` (dict) and `` user `` (user instance). It returns the `` claims `` dict with all the claims populated.
2016-02-11 20:24:34 +00:00
2016-09-19 20:38:17 +00:00
List of all the `` claims `` keys grouped by scopes:
2016-02-11 20:24:34 +00:00
+--------------------+----------------+-----------------------+------------------------+
| profile | email | phone | address |
+====================+================+=======================+========================+
2016-07-07 15:50:27 +00:00
| name | email | phone_number | formatted |
2016-02-11 20:24:34 +00:00
+--------------------+----------------+-----------------------+------------------------+
2016-07-07 15:50:27 +00:00
| given_name | email_verified | phone_number_verified | street_address |
2016-02-11 20:24:34 +00:00
+--------------------+----------------+-----------------------+------------------------+
2016-07-07 15:50:27 +00:00
| family_name | | | locality |
2016-02-11 20:24:34 +00:00
+--------------------+----------------+-----------------------+------------------------+
2016-07-07 15:50:27 +00:00
| middle_name | | | region |
2016-02-11 20:24:34 +00:00
+--------------------+----------------+-----------------------+------------------------+
2016-07-07 15:50:27 +00:00
| nickname | | | postal_code |
2016-02-11 20:24:34 +00:00
+--------------------+----------------+-----------------------+------------------------+
2016-07-07 15:50:27 +00:00
| preferred_username | | | country |
2016-02-11 20:24:34 +00:00
+--------------------+----------------+-----------------------+------------------------+
| profile | | | |
+--------------------+----------------+-----------------------+------------------------+
| picture | | | |
+--------------------+----------------+-----------------------+------------------------+
| website | | | |
+--------------------+----------------+-----------------------+------------------------+
| gender | | | |
+--------------------+----------------+-----------------------+------------------------+
| birthdate | | | |
+--------------------+----------------+-----------------------+------------------------+
| zoneinfo | | | |
+--------------------+----------------+-----------------------+------------------------+
| locale | | | |
+--------------------+----------------+-----------------------+------------------------+
| updated_at | | | |
+--------------------+----------------+-----------------------+------------------------+
2016-09-19 20:38:17 +00:00
How to populate userinfo response
=================================
2016-07-07 15:50:27 +00:00
Somewhere in your Django `` settings.py `` ::
2016-02-11 20:24:34 +00:00
2016-07-07 15:50:27 +00:00
OIDC_USERINFO = 'myproject.oidc_provider_settings.userinfo'
2016-02-11 20:24:34 +00:00
2016-09-19 20:38:17 +00:00
Then inside your `` oidc_provider_settings.py `` file create the function for the `` OIDC_USERINFO `` setting::
2016-02-11 20:24:34 +00:00
2016-07-07 15:50:27 +00:00
def userinfo(claims, user):
2016-09-19 20:38:17 +00:00
# Populate claims dict.
2016-07-07 15:50:27 +00:00
claims['name'] = '{0} {1}'.format(user.first_name, user.last_name)
claims['given_name'] = user.first_name
claims['family_name'] = user.last_name
claims['email'] = user.email
claims['address']['street_address'] = '...'
2016-02-11 20:24:34 +00:00
2016-07-07 15:50:27 +00:00
return claims
2016-02-11 20:24:34 +00:00
2016-09-19 20:38:17 +00:00
Now test an Authorization Request using these scopes `` openid profile email `` and see how user attributes are returned.
2016-07-07 15:50:27 +00:00
.. note ::
Please **DO NOT** add extra keys or delete the existing ones in the `` claims `` dict. If you want to add extra claims to some scopes you can use the `` OIDC_EXTRA_SCOPE_CLAIMS `` setting.