Adding Custom SAML Attributes from User Profile to Claims in Custom Action


I’ve set up an enterprise connection where Auth0 is the service provider. I’m mapping customer attributes on the provider, StoreID and Role, to location_id and idp_provided_role on the user profile.

I logged in and verified that this is correctly happening.

In custom actions I am attempting to get these values in order to:

  • Add StoreID/location_id to the access token as a claim
  • Set the role for the user

The problem I am running into is that I am not able to find where these properties are on the event object. I would figure that it would be on event.user object but I am not finding them there. Using event.user.location_id or event.user.idp_provided_role returns undefined. I looked over the post-login event object documentation and I don’t really see where else they would be located. The other expected location event.user.identities didn’t seem to contain what I wanted.

Also, is there a way to get a log dump of the event object to make this a little easier. Using console.log in various parts to get a view of the data is difficult since the logs truncate the output to something like 250 characters.

Hi @monstarmike

Welcome to the Auth0 Community.

This is currently a parity gap between Rules and Actions. I believe we aim to fill this gap early next year i.e. well before Rules deprecation.

Until then you can use Rules and something like the below may work for you (please test in a non-production environment):

function addValueToAccessToken(user, context, callback) {

  var namespace = '';

  context.accessToken[namespace + 'location_id'] = user.location_id;
  context.accessToken[namespace + 'idp_provided_role'] = user.idp_provided_role;
  return callback(null, user, context);

Warm regards.


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.