Can't use 'permissions' as claim name in idToken

I have created an action to include the user permissions in the id token (hopefully this helps someone since I couldn’t find an example)

exports.onExecutePostLogin = async (event, api) => {
  const ManagementClient = require('auth0').ManagementClient;

  const management = new ManagementClient({
      domain: event.secrets.domain,
      clientId: event.secrets.clientId,
      clientSecret: event.secrets.clientSecret,

  const params =  { id : event.user.user_id};

  try {
      const res = await management.users.getPermissions(params)
      const permissionNames = => entry.permission_name);            
      const permissionsClaim = 'permission'                  
      api.idToken.setCustomClaim(permissionsClaim, permissionNames);       
  } catch (e) {    

If I try to use “permissions” as the claim name, which is what I would like to do for consistency, it does not add anything to the token. However, changing it to ‘permission’ does work.

Is this reserved?

Hello @rev23dev !

permissions is indeed a restricted claim.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.