Adding customclaim to id token but getting error

I have added below customclaim to my app but it is not applied. I want that when a user login to app idToken or access token have customclaim like below

app_name:"website name"
Below is the code for adding custom claim to IdToken but it not getting added and giving error.

exports.onExecutePostLogin = async (event, api) => {
  const namespace = ""
  const { website } = event.app_metadata;

  console.log("app name:",website)

  if (event.authorization) {
    // Set claims 
    api.idToken.setCustomClaim(`${namespace}/app/name`, website);

Event object passed to test.

    "created_at": "2023-08-07T09:48:10.750Z",
    "email": "",
    "email_verified": false,
    "identities": [
            "connection": "Username-Password-Authentication",
            "user_id": "64d0bddaadf0a94c33d33795",
            "provider": "auth0",
            "isSocial": false
    "name": "",
    "nickname": "learner",
    "picture": "",
    "updated_at": "2023-08-07T09:48:10.750Z",
    "user_id": "auth0|64d0bddaadf0a94c33d33795",
    "username": "learner",
    "app_metadata": {
        "website": "anasuria"
    "blocked_for": [],
    "guardian_authenticators": []

Response received

Test Results






app name: anasuria


  "total_request_duration_ms": 295,
  "total_runtime_execution_duration_ms": 291,
  "runtime_processing_duration_ms": 5,
  "action_duration_ms": 208,
  "runtime_external_call_duration_ms": 78,
  "boot_duration_ms": 83,
  "network_duration_ms": 4

Hi @AMIR1998

Thanks for contacting Auth0 Community.

A couple of things I wanted to mention. I think you just need to amend one thing in your Action, your destructure assignment doesn’t appear to be referencing app_metadata properly:

const { website } = event.app_metadata;

should be changed to:

const { website } = event.user.app_metadata 

Please review our event object properties here on the post login flow

The other thing I wanted to mention about your configuration specifically is if you have an app_metadata property that matches a standard oidc property exactly such as website (like in your case) then these will automatically appear into the users id_token without the need of using an Action, see standard claims here

As an example: the below will automatically appear in the user’s id_token and an Action would not strictly be required in this case:

I hope this helps
Wam regards.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.