1.4.x

Extension Point: OpenID Connect Claims Extractor

Basics

ParameterValue
Extension Point KeyOIDC_CLAIMS_EXTRACTOR
Extension Point NameOpenID Connect Claims Extractor
Extension InterfaceOpenIdClaimsExtractor
Supports Multiple Extensions?Yes
Selector TypeNone
Available Since1.2.0

Use Cases

This extension is invoked by Cortex when a user logs in. Extensions implementing this Extension Point can extract profile attributes about the shopper from the claims returned by OpenID Connect.

Methods

getCustomScopes

The getCustomScopes method is invoked when a client retrieves the OpenID Connect configuration from Cortex. It allows the plugin to append to the list of scopes that the front-end should pass to the Identity Provider when the user is redirected to the authentication endpoint.

extractClaims

The extractClaims method is invoked during the token exchange process when a client posts to the openidconnectform in Cortex. It allows the extension to retrieve claim values from the Identity Provider (in context.getOpenIdClaims().getClaimsObjects()) and return then in the XPFOpenIdClaimsExtractionResult. Cortex collects the responses from all extensions and combines them so that the customer profile attribute values and customer group collections can be updated.

Extension Sample

@Extension
@XPFAssignment(extensionPoint = XPFExtensionPointEnum.OIDC_CLAIMS_EXTRACTOR, priority = 1000)
public class ElasticPathOpenIdClaimsExtractor extends XPFExtensionPointImpl implements OpenIdClaimsExtractor {

    private static final Map<String, String> OIDC_CLAIM_KEYS_TO_CUST_PROFILE_KEYS = ImmutableMap.of(
        "email", "CP_EMAIL",
        "given_name", "CP_FIRST_NAME",
        "family_name", "CP_LAST_NAME",
        "phone_number", "CP_PHONE",
        "locale", "CP_PREF_LOCALE");

    @Override
    public Set<String> getCustomScopes() {
        // No scopes to add
        return Collections.emptySet();
    }

    @Override
    public XPFOpenIdClaimsExtractionResult extractClaims(final XPFOpenIdClaimsExtractionContext context) {
        final Map<String, Object> openIdClaims = context.getOpenIdClaims().getClaimsObjects();

        final Map<String, String> customerProfileClaims = new HashMap<>();
        OIDC_CLAIM_KEYS_TO_CUST_PROFILE_KEYS.forEach((claimKey, profileKey) -> {
            String claimValue = (String) openIdClaims.get(claimKey);
            if (claimValue != null) {
                customerProfileClaims.put(profileKey, claimValue);
            }
        });

        final XPFOpenIdClaimsExtractionResult result = new XPFOpenIdClaimsExtractionResult();

        result.setCustomerProfileAttributes(customerProfileClaims);

        return result;
    }
}
Last updated on 8/12/2025
Notification EventsOpenID Connect CM User Claims Extractor