Auth0 does not return user_metadata

vicradon · September 21, 2020, 11:22am

I have an auth0 rule that is meant to modify the data returned to the user. It is meant to add a user_metadata field. I tried doing that with this rule

async function loginFaunaOnUserLogin(user, context, callback) {
  const faunadb = require("faunadb@2.11.1");

  user.user_metadata = user.user_metadata || {};
  const q = faunadb.query;
  const client = new faunadb.Client({
    secret: "",
  });

  try {
    const user_from_fauna = await client.query(
      q.Map(
        q.Paginate(q.Match(q.Index("users_by_email"), user.email)),
        q.Lambda("ref", q.Get(q.Var("ref")))
      )
    );
   
    if (!user_from_fauna.data[0]) {
      throw new Error("No user with this email exists");
    }

    const role = user_from_fauna.data[0].data.role;
    const collection = `${role[0].toUpperCase()}${role.substr(1)}s`;
    const index = `${role}s_by_email`;

    const user_in_collection = await client.query(
      q.Paginate(
        q.Match(
          q.Index(index),
          user.email
        )
      )
    );
    
    console.log({user_in_collection});
    
    let ref_id;

    if (!user_in_collection.data[0]) {
      const clientDetails = await client.query(
        q.Create(q.Collection(collection), {
          data: {
            metadata: user_from_fauna.data[0].data,
          },
          credentials: {
            password: user.user_id,
          },
        })
      );
      ref_id = clientDetails.ref.id;
    } else {
      ref_id = user_in_collection.data[0].id;
    }
    
    // Login Process
    const credential = await client.query(
      q.Login(q.Ref(q.Collection(String(collection)), ref_id), {
        password: user.user_id,
        ttl: q.TimeAdd(q.Now(), 10, "hour"),
      })
    );  
    
    user.user_metadata= {
      ...user_from_fauna.data[0].data, token: credential.secret, user_id: credential.instance.id
    };

    callback(null, user, context);
  } catch (err) {
    callback(err, user, context);
  }
}

But it wasn’t successful. I could only successfully modify the nickname field to add the metadata. Like this

...
// shortened code    

    // Login Process
    const credential = await client.query(
      q.Login(q.Ref(q.Collection(String(collection)), ref_id), {
        password: user.user_id,
        ttl: q.TimeAdd(q.Now(), 10, "hour"),
      })
    );  
    
    user.nickname = {
      ...user_from_fauna.data[0].data, token: credential.secret, user_id: credential.instance.id
    };

    callback(null, user, context);
  } catch (err) {
    callback(err, user, context);
  }
}

This is the schema of what is returned to the user

email: "",
email_verified: false
name: ""
nickname: {},
picture: "",
sub: ""
updated_at: ""

jmangelo · September 21, 2020, 12:16pm

After having obtained the metadata values from an external source you need to request for them to be saved/persisted to the user profile (Manage Metadata with Rules). Simply assigning the data to user_metadata property in a rule is not sufficient.

Can you check that if you call auth0.users.updateUserMetadata method like mentioned in the documentation you can save the data correctly?

vicradon · September 21, 2020, 1:39pm

Hello
Thank you for your reply.

So this is the updated bottom part of the auth rule

   
    user.user_metadata = {
      ...user.user_metadata,
      ...user_from_fauna.data[0].data, token: credential.secret, user_id: credential.instance.id
    };
    auth0.users.updateUserMetadata(user.user_id, user.user_metadata)
    .then(() => {
      callback(null, user, context);
    })
    .catch(function(err){
      callback(err, user, context);
    });

/*    callback(null, user, context); */
  } catch (err) {
    callback(err, user, context);
  }
}

The user_metadata property is still not available in the returned object

jmangelo · September 21, 2020, 2:22pm

Can you go to the users section of the dashboard and access the user profile for the user in question; if in the dashboard you can see the metadata information then the issue you are experiencing is that you are likely expecting to see such information in issued tokens or in responses from the user information endpoint, but by default metadata is not included in tokens issued through OIDC conformant flows.

vicradon · September 21, 2020, 2:41pm

The user_metadata of the user is available on the dashboard. Is there any other way I can attach custom data to the returned user object?

jmangelo · September 21, 2020, 2:46pm

If the data is available in the dashboard the first step would be to confirm in which place (tokens or endpoints) you were expecting the data to be present as well and it is not.

Can you clarify where exactly you would be expecting that information and it is not there? For example, if you need that information in an ID token or in an access token you could consider adding it as custom claims (Sample Use Cases: Scopes and Claims).

vicradon · September 21, 2020, 3:30pm

Thank you. I was able to attach the required data to a custom claim.

system · October 6, 2020, 3:30pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.