Get user info within an organization
Where to use it
This is typically used on a user profile page that needs to display the user's organization information.
How to implement it
There are two ways to get user info within an organization.
1. Decode the ID token
The ID token is a standard JWT that contains user profile information and organization‑related claims. Call the SDK method decodeIdToken() to get a JSON object like this:
{
  "sub": "aauqbb63vg4s",
  "name": "John Doe",
  "picture": "https://example.com/johndoe.png",
  "email": "[email protected]",
  // ...
  "organizations": [
    "organization-id-1",
    "organization-id-2",
    "organization-id-3"
    // ...
  ],
  "organization_roles": [
    "organization-id-1:admin",
    "organization-id-2:member",
    "organization-id-3:viewer"
    // ...
  ],
  "aud": "admin-console"
  // ...
}
However, the ID token is only issued during authentication and may become stale if the user profile changes afterward.
For the most up‑to‑date info, use the second approach below, or call clearAllTokens() and re‑initiate an authentication flow to get a fresh ID token.
await logtoClient.clearAllTokens();
logtoClient.signIn({
  redirectUri: 'https://your-app.com/callback',
  prompt: 'consent',
});
If the session is still valid, the signIn call will redirect back to your app without requiring credentials. From the user’s perspective, the app simply refreshes and a new ID token is issued behind the scenes.
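The following is an added example, not code from the Logto SDK or docs: it groups the organization_roles claim by organization for display on a profile page, sets aside entries that are malformed or name an organization missing from the organizations claim, and decides when the ID token is old enough to refresh. It assumes each entry has the form "<organization-id>:<role>" as in the sample above, that the token carries the standard JWT iat claim (seconds), and the helper names and the sample claims are hypothetical.

```javascript
// `claims` is the object returned by decodeIdToken().
// Assumption: each organization_roles entry is "<organization-id>:<role>",
// split on the first colon.
function groupOrganizationRoles(claims) {
  const orgs = Array.isArray(claims.organizations) ? claims.organizations : [];
  const entries = Array.isArray(claims.organization_roles) ? claims.organization_roles : [];
  const memberOf = new Set(orgs);
  const rolesByOrg = new Map(orgs.map((id) => [id, []]));
  const rejected = [];

  for (const entry of entries) {
    const sep = typeof entry === 'string' ? entry.indexOf(':') : -1;
    const orgId = sep > 0 ? entry.slice(0, sep) : '';
    const role = sep > 0 ? entry.slice(sep + 1) : '';
    // Do not display a role that is malformed or belongs to an organization
    // the token does not list the user as a member of.
    if (!orgId || !role || !memberOf.has(orgId)) {
      rejected.push(entry);
      continue;
    }
    rolesByOrg.get(orgId).push(role);
  }
  return { rolesByOrg, rejected };
}

// The ID token is a snapshot taken at authentication time. Treat it as stale
// once it is older than maxAgeSeconds, or when it has no usable iat claim.
function isIdTokenStale(claims, maxAgeSeconds, nowSeconds = Math.floor(Date.now() / 1000)) {
  if (!Number.isFinite(claims.iat)) return true;
  return nowSeconds - claims.iat > maxAgeSeconds;
}

// Constructed sample claims (not real data).
const sampleClaims = {
  sub: 'aauqbb63vg4s',
  iat: 1700000000,
  organizations: ['organization-id-1', 'organization-id-2'],
  organization_roles: [
    'organization-id-1:admin',
    'organization-id-2:member',
    'organization-id-3:viewer', // organization not listed in `organizations`
    'malformed-entry',
  ],
};

const { rolesByOrg, rejected } = groupOrganizationRoles(sampleClaims);
console.log(Object.fromEntries(rolesByOrg), rejected);
console.log(isIdTokenStale(sampleClaims, 300, 1700000600));
```

When isIdTokenStale returns true, refresh with one of the two approaches on this page before rendering the roles.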
2. Fetch user info from the /oidc/me endpoint
You can also request /oidc/me to get real‑time user info in the organization context. Call the SDK method fetchUserInfo().