- No code required — configure claims through the Auth0 Dashboard or the Management API
- All session attributes available — map anything in the session (metadata, session ID, and so on) to a claim in the access token
How it works
Define claim mappings on an application using thecustom_claim_mappings array in the access_token configuration. Each mapping has:
name— the claim name that appears in the access tokenexpression— a dot-notation path into the anonymous session object (for example,anonymous_session.metadata.country)
null or undefined, the claim is omitted.
Configure claims mapping
- Dashboard
- Management API
- Navigate to Dashboard > Applications > Applications and select your application.
- Select the Claims Mapping tab.
- Add the claims you need and their expressions.
- Select Save.
Use cases
Include session ID in access token
Includesession_id so resource servers can trace requests back to a specific anonymous interaction:
Include personalization data
Map locale and country data so resource servers can adapt responses without additional API calls:Guest checkout data
Include cart reference and session ID for e-commerce APIs:Limitations
- Maximum 10 custom claims per application.
- Reserved JWT claims cannot be used as claim names:
iss,sub,aud,exp, and so on. - Claim names must be unique within a configuration.
- Only direct mapping is available — expressions cannot contain logic or transformations.
Learn more
- Transfer Anonymous Sessions to Users — Use Actions to migrate session data at login or sign-up.
- Anonymous Sessions Best Practices — Security and performance recommendations.