Delete standard claims of IDTokens from Actions (Rules Parity)

lihua.zhang · September 1, 2023, 11:15pm

Problem statement

I successfully created a rule based on the Remove attributes from user template:

function removeUserAttribute(user, context, callback) {
 const removelist = ['nickname','picture'];
 Object.keys(user).forEach(function (key) {
  if (removelist.indexOf(key) > -1) {
   delete user[key];
  }
 });
callback(null, user, context);
}

I migrated the code, by following the Auth0 documentation, to a Login Flow action script:

exports.onExecutePostLogin = async (event, api) => {
 const removelist = ['nickname','picture'];
 Object.keys(event.user).forEach(function (key) {
  if (removelist.indexOf(key) > -1) {
   delete event.user[key];
  }
 });
 return;
};

The rule works fine, but the action script is not deleting the ID Token keys.

Cause

It’s currently not possible to remove claims from the ID token using actions. It’s on our roadmap to close this parity gap but it likely won’t be supported until some time in 2024.

Solution

In the meantime, you should be able to at least set the claims to empty values as a close approximation.

Topic		Replies	Views
Remove attributes from user rule template migration to login flow action script not working Help custom-webtasks , deprecations	3	886	July 7, 2023
Remove claims from the ID token with actions Knowledge Articles claims , id-token , action , remove	1	911	August 23, 2023
Remove Claims from ID Token with Post Login Action Knowledge Articles rules , claims , id-token , actions	1	534	February 1, 2024
Custom Claims working with idToken in Rules, but not in Actions Help login-experience , new-universal-login-experience	3	17	September 13, 2024
Auth0 Groups not accessible in Actions Knowledge Articles rules , actions	1	940	August 17, 2023

Delete standard claims of IDTokens from Actions (Rules Parity)

Problem statement

Cause

Solution

Related Topics