As part of login process, is there a documented way to show a ‘terms and conditions’ page with an ‘accept’ checkbox or button, which can then be stored in the user_metadata?
I have tried just adding to middleware to check if user has accepted terms by setting a property in user_metadata, then redirecting to terms-condition page if necessary. However from that, though I ‘think’ I can make an PATCH API call to api/v2/users/:id endpoint to update the user, I then shall have the problem that the session info doesn’t contain the new accepted terms status. (is there a way I can refresh the session with the new value without logging out/in again or am I completely off track in my approach?)
For reference, I’m using typescript/nextjs if relevant.
Yes, this is possible with Auth0 Redirect Actions. You can redirect your users to an external page where you gather their consent and store it in the user’s user_metadata.
You can also selectively trigger this based on some criteria, such as, their login count, like during their first time logging in.
You can append the user’s user_metadata as a custom claim after the redirect has completed and this way that information can be retrieved during the same session flow.
Here is a reference using Rules. You will have to convert it to an Action:
Thanks Rueben, your suggestion worked well. Just one minor annoyance though with user event.secrets in the custom actions, I can’t ‘see’ what the values are that I’ve set each key. Could you add a show/hide option which is very common on other platforms?