Problem statement
I successfully created a rule based on the Remove attributes from user template:
    function removeUserAttribute(user, context, callback) {
      // Profile attributes to strip from the user object
      const removelist = ['nickname', 'picture'];
      Object.keys(user).forEach(function (key) {
        if (removelist.indexOf(key) > -1) {
          delete user[key];
        }
      });
      // Pass the modified user on to the rest of the pipeline
      callback(null, user, context);
    }
I migrated the code, by following the Auth0 documentation, to a Login Flow action script:
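    exports.onExecutePostLogin = async (event, api) => {
      const removelist = ['nickname', 'picture'];
      // Same loop as the rule, applied to event.user; this does not
      // change the claims in the issued ID token (see Cause)
      Object.keys(event.user).forEach(function (key) {
        if (removelist.indexOf(key) > -1) {
          delete event.user[key];
        }
      });
      return;
    };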
The rule works fine, but the action script is not deleting the ID Token keys.
Cause
It’s currently not possible to remove claims from the ID token using actions. It’s on our roadmap to close this parity gap but it likely won’t be supported until some time in 2024.
Solution
In the meantime, you should be able to at least set the claims to empty values as a close approximation.
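The workaround above as a post-login Action, written as an added example rather than Auth0's own code. It assumes an empty string is an acceptable "empty value" for the two claims from the rule; `blankIdTokenClaims` and `makeStubApi` are hypothetical helper names, and the stub only stands in for the Actions `api` object for local checks.

```javascript
// Added example. Claims to blank are the ones listed in the original rule.
const REMOVE_LIST = ['nickname', 'picture'];

// Overwrite each listed profile claim with an empty value in the ID token.
// Deleting keys from event.user did not change the token in the Action on
// this page, so the change is made through the api object instead.
function blankIdTokenClaims(event, api, removeList = REMOVE_LIST) {
  const blanked = [];
  for (const key of Object.keys(event.user || {})) {
    if (removeList.includes(key)) {
      // Assumption: '' is used as the "empty value" for the claim.
      api.idToken.setCustomClaim(key, '');
      blanked.push(key);
    }
  }
  return blanked; // names of the claims that were overwritten
}

const onExecutePostLogin = async (event, api) => {
  blankIdTokenClaims(event, api);
};

// Actions load the handler from exports; the guard lets the file run elsewhere too.
if (typeof exports !== 'undefined') {
  exports.onExecutePostLogin = onExecutePostLogin;
}

// Constructed stand-in for the Actions api object (local testing only).
function makeStubApi() {
  const claims = {};
  return {
    claims,
    idToken: { setCustomClaim: (name, value) => { claims[name] = value; } },
  };
}
```

Relying parties will still see the `nickname` and `picture` keys in the ID token, only with empty values, so any consumer that checks for the presence of a claim rather than its content needs to be reviewed.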