Custom actions not always executed

I am using post-login actions to handle MFA and user roles. The actions work fine, but in some cases not all actions are performed if a user logs in.
In the logs I see “Successful login” but the Action Details show that not all actions are performed:

If the user does a logout and login again, the actions are performed properly:

How can this happen?


Hi there @klaus.schroeder ,

I’m looking into it in your dev tenant, starting with the AddRoles script. :slight_smile:

It goes like this

if (event.authorization) {
    //add custom token claims

I have set a similar Action in my test tenant and can see that this Action is completed every time the user clicks the login button in both scenarios:

  • when they are prompted for credentials and
  • without prompting for credentials (a session restored for an application).

So I was not able to reproduce what you’re observing.

I will investigate further by looking at potential Actions limitations that could take place in your case.

But if you take a look at the “Raw” and “Context Data” of the affected login success event, do you see something suspicious? How does this differ from all the other successful login events where all the Actions have been completed?
And what does the “Action details” say for the affected event?

(Disclaimer: I didn’t find the log from your first screenshot, so I can’t see the details).