Adding custom claim to ID token but getting error

I have added the custom claim below to my app, but it is not applied. I want the ID token or access token to have a custom claim like the one below when a user logs in to the app.

app_name:"website name"
Below is the code for adding the custom claim to the ID token, but it is not getting added and is giving an error.

exports.onExecutePostLogin = async (event, api) => {
  const namespace = "https://portal.app.com"
  const { website } = event.app_metadata;

  console.log("app name:",website)

  if (event.authorization) {
    // Set claims 
    api.idToken.setCustomClaim(`${namespace}/app/name`, website);
  }
};

Event object passed to test.

{
    "created_at": "2023-08-07T09:48:10.750Z",
    "email": "learner@gmail.com",
    "email_verified": false,
    "identities": [
        {
            "connection": "Username-Password-Authentication",
            "user_id": "64d0bddaadf0a94c33d33795",
            "provider": "auth0",
            "isSocial": false
        }
    ],
    "name": "learner@gmail.com",
    "nickname": "learner",
    "picture": "https://s.gravatar.com/avatar/b3118e351aa0b1db98fc5d2c61ba8a3f?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fle.png",
    "updated_at": "2023-08-07T09:48:10.750Z",
    "user_id": "auth0|64d0bddaadf0a94c33d33795",
    "username": "learner",
    "app_metadata": {
        "website": "anasuria"
    },
    "blocked_for": [],
    "guardian_authenticators": []
}

Response received

Test Results

Commands:

[]


Error:

{}

Logs:

app name: anasuria

Stats:

{
  "total_request_duration_ms": 295,
  "total_runtime_execution_duration_ms": 291,
  "runtime_processing_duration_ms": 5,
  "action_duration_ms": 208,
  "runtime_external_call_duration_ms": 78,
  "boot_duration_ms": 83,
  "network_duration_ms": 4
}

Hi @AMIR1998

Thanks for contacting Auth0 Community.

A couple of things I wanted to mention. I think you just need to amend one thing in your Action: your destructuring assignment doesn’t appear to be referencing app_metadata properly:

const { website } = event.app_metadata;

should be changed to:

const { website } = event.user.app_metadata;

Please review our event object properties for the post-login flow here: https://auth0.com/docs/customize/actions/flows-and-triggers/login-flow/event-object

The other thing I wanted to mention about your configuration specifically is that if you have an app_metadata property that exactly matches a standard OIDC property, such as website (as in your case), then it will automatically appear in the user’s id_token without the need for an Action. See the standard claims here: https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

As an example: the below will automatically appear in the user’s id_token and an Action would not strictly be required in this case:
image

I hope this helps
Warm regards.
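
Added example (not part of the original posts and not Auth0's own code): a local harness that runs the claim logic, with the corrected `event.user.app_metadata` path, against two constructed events. The `makeApi` stub, `commandsFor`, the command record format and both sample events are assumptions made for illustration; the flat event mirrors the bare user object tested in the question and yields no claim, while the nested one yields a single namespaced claim.

```javascript
// Added example: local harness with a stubbed `api`; not Auth0's runtime.
const NAMESPACE = "https://portal.app.com"; // namespace from the question

// Claim logic using the corrected path, event.user.app_metadata.
function applyAppNameClaim(event, api) {
  const website = event.user?.app_metadata?.website;
  // Emit nothing without an authorization context or a string value,
  // so an undefined claim never reaches the token.
  if (!event.authorization || typeof website !== "string") return;
  api.idToken.setCustomClaim(`${NAMESPACE}/app/name`, website);
}

// Handler in the shape the Action editor expects (assign to exports there).
const onExecutePostLogin = async (event, api) => applyAppNameClaim(event, api);

// Hypothetical stub: records each setCustomClaim call in its own format.
function makeApi() {
  const commands = [];
  const record = (target) => (name, value) => commands.push({ target, name, value });
  return { commands, idToken: { setCustomClaim: record("idToken") } };
}

// Run the claim logic against one event and return the recorded commands.
function commandsFor(event) {
  const api = makeApi();
  applyAppNameClaim(event, api);
  return api.commands;
}

// Constructed event: a bare user object, the shape tested in the question.
const flatUserEvent = {
  user_id: "auth0|000000000000000000000000",
  app_metadata: { website: "anasuria" },
};

// Constructed event: user and authorization nested as the handler reads them.
const postLoginEvent = {
  user: { user_id: "auth0|000000000000000000000000", app_metadata: { website: "anasuria" } },
  authorization: { roles: [] },
};

console.log(commandsFor(flatUserEvent));
console.log(commandsFor(postLoginEvent));
```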
