Custom claims missing after successful form action in post-login flow

Get Help
,
1

Hello there!

I’m working on a POC to showcase the forms feature to my team and to implement it in our project. However, I’m experiencing an issue with the post-login flow after the action that renders my form.

We have an action that sets custom claims in the access token and adds custom metadata to the ID token. But when we use the action that renders a form, these custom claims and metadata are missing at the end of the post-login flow.

We’re using a simple form without complex logic, very similar to the example shown in your documentation.

Do you have any idea what might be causing this issue?
If I remove the form action, the post-login flow works correctly.

Thanks in advance!

3

Hello!
The form action might be interfering with custom claims and metadata in your post-login flow. Try setting claims after the form action, ensuring the correct token scope and audience, and verifying namespace formatting. If removing the form action restores claims, consider handling claims separately from the form rendering process.

4

Hi @lbarbosa1

Welcome to the Auth0 Community!

As @Joe439Day mentioned, there might be some confusion, interference between the data of the action and the data of the form which could cause the issue at hand. If you could provide snippets of the form and action that you are using or if you can DM the tenant name so I can take a look myself, that would be great.

If removing the form action restores claims, consider handling claims separately from the form rendering process.

Indeed, setting a custom claim might be better if done in a separate action then inside the same on you are rendering the form in. However, if you need to access data from the form, that might not be suitable.

If you have any other questions, let me know!

Kind Regards,
Nik

5

Hi guys, thanks for replying to me!

In my post-login flow, I have several specific actions to handle different things.
One of them sets custom claims in the access token and ID token — this action only does that, nothing else.
It currently works perfectly in production without the form action.

The problem appears when I place the form action at the beginning of the post-login flow.

Here’s the code for the form action:

exports.onExecutePostLogin = async (event, api) => {
  api.prompt.render(event.secrets.formId);
};

exports.onContinuePostLogin = async (event, api) => {};

The form is very generic:

image
image1601×552 30.8 KB

Here’s the body for the flow, Update User:

{
  "user_metadata": {
    "apodo": "{{fields.apodo}}",
    "telofono": "{{fields.telefono.number}}"
  }
}

and I set User ID field using this value: {{context.user.user_id}}
I don’t use any data from the form to create these custom claims.
The vault has permission to update users, and It is connected.

6

Got it! Thanks for the extra details on the matter.

Could you check inside the logs after the login is successful if there are any errors related to the form/action not being able to be executed?

I will test it out on my end to see if I am able to reproduce this behaviour and what might be the cause.

I will come back with an update as soon as possible!

Kind Regards,
Nik

7

I checked the flow logs and it shows as COMPLETED:

{
  "type": "CONTINUE_SEQUENCE",
  "params": {},
  "artifacts": {}
}

Also, in the logs section, there are no errors for the user in any of the actions.
The user’s login is successful, but it doesn’t have the claims that I need in order to continue on my website.

8

Hello there,

I hope you’re doing well.
I just wanted to follow up and check if there are any updates regarding the issue I reported. It’s currently blocking us.

Looking forward to your help.
Thanks in advance!

9

Hi @lbarbosa1

I am sorry about the delayed response to your inquiry!

I have tested out the forms on my end and after the user authenticated, it had all the data and the custom claims I have set present.

Below you can see the idToken post login, the user metadata set and the actions used:

USER METADATA

image
image1834×758 98.6 KB

ID TOKEN
image
image1774×664 49.9 KB

TRIGGER FLOW
image
image906×1524 33 KB

FORM RENDERING
image
image1142×1012 80.7 KB

CUSTOM CLAIMS SET
image
image1492×488 46.7 KB

Here is how my forms and flow are set up:
FORM

image
image2642×792 128 KB

STEP DATA
image
image906×1524 45.3 KB

FLOW DATA
image
image906×1524 56.1 KB

I could not identify any issues to why either the user metadata or the custom claims would not be setting.
If you would follow my approach, the user should contain all the necessary details entered in the form.

Let me know if you need help with anything else or if you have any other questions on the matter!

Kind Regards,
Nik

1 Like
10

Thx nik!
We had an other issue in our client using the Auth0’s SDK.

The problem related in this post was resolved.

Thanks!

11

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.