Hi,
I’m facing an issue in Apigee X related to fetching custom App attributes during OAuth token verification when the App belongs to an App Group.
Question:
Is there a way to access App-level custom attributes (like developerEmail) from an App that belongs to an App Group within the OAuthV2 VerifyAccessToken context?
Setup:
-
Using Apigee X.
-
Using OAuth 2.0 for access token generation & verification
-
OAuth policy name:
VerifyAccessToken -
The App is created under an App Group
-
The App has a custom attribute named
developerEmail -
I need to include this attribute as a claim in a JWT policy
What I’m trying to do:
In my JWT generation policy, I’m trying to read the custom attribute like this:
I also tried:
But both return empty values.
What I’ve confirmed:
The app.name and appgroup.name are populated correctly:
oauthv2.VerifyAccessToken.app.name → my-test-app
oauthv2.VerifyAccessToken.appgroup.name → my-test-group
-
The custom attribute
developerEmailexists under the App (not App Group). -
I’m not using
VerifyAPIKey— only OAuth (VerifyAccessToken) is in place. -
The OAuth policy successfully verifies the token.
Goal:
I want to include the
developerEmail(stored as an App custom attribute) in my JWT claims like this:Any insight or confirmation if this is a product limitation would be greatly appreciated.
If there’s a workaround (like exposing attributes via access token or through configuration), please share the approach.Thanks