/**
* Handler that will be called during the execution of a PostLogin flow.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
var profileId = event.user.app_metadata.profileId;
api.idToken.setCustomClaim("profileId", profileId);
api.accessToken.setCustomClaim("profileId", profileId);
};
It sets the claim on the ID Token with no problem, but my access token has no custom claims.
So I got it working by adding a namespace prefix:-
/**
* Handler that will be called during the execution of a PostLogin flow.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
const nameSpace = "https://my-domain.com/";
var profileId = event.user.app_metadata.profileId;
api.idToken.setCustomClaim("profileId", profileId);
api.accessToken.setCustomClaim(nameSpace + "profileId", profileId);
};
It would be helpful if you could see these issues in the logs somewhere.