Auth0 Home Blog Docs

Caching in rules using the "global" object



I’m implementing a rule that accesses another secured rest api which requires (client credentials) login. I need to cache the credentials somehow.

Having read the docs, the only way to do this seems to be using the “global” object. This works fine. HOWEVER: the global object recycles very fast (after 30 seconds?)

This seems to be related:

1) In Auth0 rules, are there any other alternatives to storing shared stuff such as access tokens? The access token would normally be valid for a couple of hours, but since the global object is short-lived I cannot cache them for long…

2) Do I have any way to control the webtask recycling strategy?

3) I assume that the configuration object is immutable, so it is not an option to use this as a “store”?


(Q3) That’s correct, the configuration object is meant to pass information in one way, from the outside to the rules logic so it does not seem applicable.

(Q2) The recycling policy is not configurable.

(Q1) To my knowledge, there’s no other built-in way to cache it so the characteristics offered by the global object are what’s available. In addition to that, I can only think of workarounds like considering brokering the API consumption through another endpoint and support another sort of client authentication mechanism like an API key on that endpoint. This way the endpoint rules would call would require the API key approach and hide the client credentials grant aspects of it required by the underlying API.