Access user.oid from Action

developer14 · December 21, 2021, 2:14am

Hi, I was wondering if it is possible to access the user.oid from within an action login flow.
I can access the user.oid if I use rules, but as it’s deprecated I’m trying to migrate it to actions, I’m authenticating against an Azure AD.

using rules I can do this
context.accessToken[‘my_claim’] = user.oid;

How could I do the same thing using actions?

thanks

rueben.tiow · December 21, 2021, 8:39pm

Hi @developer14,

Thanks for reaching out to the Auth0 Community!

I am not sure about the user.oid in Actions since this attribute is not in our documentation, but it may be worth trying the event.user.oid property in Actions and seeing if that works in retrieving the previously called user.oid information. See below:

/**
 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
 */
exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://my-app.example.com';
  if (event.authorization) {
    api.accessToken.setCustomClaim(`${namespace}/user_oid`, event.user.oid);
  }
}

You may find this example Action use case for adding roles to claims helpful.

Please let me know how this works for you.

Thank you.

developer14 · December 22, 2021, 12:39am

rueben.tiow:

exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://my-app.example.com';
  if (event.authorization) {
    api.accessToken.setCustomClaim(`${namespace}/user_oid`, event.user.oid);
  }

Hi Rueben,
thank you for your help!!!
the solution you’ve suggested was the first thing I’ve tried to do, however when I write ''event.user.oid", the environment shows an erros saying

"Property 'oid' does not exist on type 'User & { multifactor?: string[] | undefined; } & { identities: UserIdentity[]; }'.(2339)".

That’s why Im not using it. Also, even if I try to use it, it doesn’t bring anything.

When I use rules I can have something like this

function activeDirectoryGroups(user, context, callback) {
  
  context.accessToken[`my_namespace/user_oid`] = user.oid;

  callback(null, user, context);
}

and it works, I just don’t know how to do the same with actions.

thanks.

system · January 6, 2022, 12:40am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

rueben.tiow · January 12, 2022, 6:37pm

Hi @developer14,

Thank you for your response and for testing this for me.

In this scenario, I recommend that you continue using Rules to append the user_oid as a custom claim.

I understand that there have been warnings and notifications about migrating from Rules to Action, but I can confirm that all of the features in Rules will be available in Actions as we get closer to the end of life of Rules.

Please let me know if you have any further questions.

Thanks.

system · January 27, 2022, 6:37pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.