Custom claims are not setting up in case of magic link

fahad.amin · April 10, 2025, 4:20pm

Custom claims are not coming through with access token. I am using passwordless authentication(magic-link). below is my post login flow

exports.onExecutePostLogin = async (event, api) => {
if (event.connection.name === ‘email’) {
const now = new Date();
const ttlMinutes = 5;

const existingSessionExpires = event.user.app_metadata?.sessionExpires;

const assigned_tenant = event.request.query.assigned_tenant || "default1";


if (!existingSessionExpires || new Date(existingSessionExpires) < now) {
  const sessionExpires = new Date(now.getTime() + ttlMinutes * 60 * 1000).toISOString();
  api.user.setAppMetadata('isTemporary', true);
  api.user.setAppMetadata('sessionExpires', sessionExpires);
  api.user.setAppMetadata('isValid', true);
  api.user.setAppMetadata('linkUsed', true);
  api.user.setAppMetadata('assigned_tenant', assigned_tenant);

  api.accessToken.setCustomClaim('https://autoverify-stage.eu.auth0.com/is_temporary', true);
  api.accessToken.setCustomClaim('https://autoverify-stage.eu.auth0.com/session_expires', sessionExpires);

  api.idToken.setCustomClaim('https://autoverify-stage.eu.auth0.com/is_temporary', true);
  api.idToken.setCustomClaim('https://autoverify-stage.eu.auth0.com/session_expires', sessionExpires);
} else {
  api.user.setAppMetadata('isValid', false);
  api.accessToken.setCustomClaim('https://autoverify-stage.eu.auth0.com/is_temporary', false);
}

}
};

everything else is working fine appmetadata is setting up alright but i am not getting custom claims

nik.baleca · April 10, 2025, 5:18pm

Hi @fahad.amin

Welcome to the Auth0 Community!

I have tested the action on my personal tenant and I was running into the same issues.

However, I managed to set the custom claims by changing the namespace you have set to something different:

  api.accessToken.setCustomClaim("https://test.com/is_temporary", true);
  api.accessToken.setCustomClaim("https://test.com/session_expires", sessionExpires);

  api.idToken.setCustomClaim("https://test.com/is_temporary", true);
  api.idToken.setCustomClaim("https://test.com/session_expires", sessionExpires);

As mentioned in our documentation, I believe the namespaces you have used go against our guidelines.

*Use any non-Auth0 HTTP or HTTPS URL as a namespace identifier. Auth0 domains cannot be used as namespace identifiers, and include:

auth0.com

webtask.io

webtask.run

If you have any other questions, feel free to leave a reply!

Kind Regards,
Nik

Topic		Replies	Views
Custom Claim Does Not Show Up in Access Token Get Help login-experience , login-prompt-new-experience	6	789	June 24, 2024
Can only seem to set custom claim on id token not access token Get Help extensibility , actions-extensibility	2	844	August 14, 2023
Rules adds email to custom claims, but not working with actions Get Help login-experience , new-universal-login-experience	2	661	September 12, 2023
Custom claims not added to tokens in post-login Action flow Get Help	4	3624	October 1, 2021
Triggers->postLogin->exports.onExecutePostLogin \| Not reflect custom data \| Not working Get Help login-experience , new-universal-login-experience	5	37	February 13, 2025

Custom claims are not setting up in case of magic link

Related topics