TLDR; One of my rules that adds a custom claim to access tokens won’t work with a new Google signup, but works fine for regular Auth0 DB new signups.
I have a statistics website with a React FE and a .NET Core BE. So far, users have been creating new accounts/logging in as Auth0 DB users. Everything works fine - these signups use a combination of pre-registration hooks and a rule (see # 2 below) to handle custom claims/creating new users in my BE API.
I’ve recently setup the Google social connection so that users can signup/login w/ Google on my website. Two rules handle new Google Social Connection users
- Add new social user to my API - Check if a user is logging in for the first time and is from a social connection. If so, create the new user in my BE API and add my backend’s custom API ID to the user’s app_metadata.
- Add a custom claim to my Google user’s access token - Takes the custom API ID from the user’s app_metadata and adds it to the Google user’s access token
The first rule works fine. The second rule does not work the first time a user signs up/logs in with Social (Google). The claim does not get added to the token. If the user logs out and logs back in, the claim is added just fine.
Would appreciate any insight on this issue.
Update @ 01/01/2021 Still haven’t resolved this issue, bumping