Problem statement
We want to expose the app_metadata in the token returned by the API.
The app_metatdata is like this:
{
"first_name": "xxx",
"last_name": "yyy",
"calendar_url": "zzz"
}
I want the calendar_url to be exposed in the user token.
I have an action that exposes the roles like the one below and would like to know how to add the app_metadata.
exports.onExecutePostLogin = async (event, api) => {
if (event.authorization) {
api.idToken.setCustomClaim(`user_roles`, event.authorization.roles);
}
}
Solution
You can use a Post Login Action similar to what you have, something like the below should work:
exports.onExecutePostLogin = async (event, api) => {
const namespace = 'https://myapp.example.com';
if (event.authorization) {
// Set claims
api.idToken.setCustomClaim(`${namespace}/calendar_url`, event.user.app_metadata.calendar_url);
}
};
There’s an example of how you might extract user information from metadata
See here for information on custom claims, the best practice is to use name-spaced claims to avoid name collisions now and in the future. However, this is no longer necessary providing you follow these guidelines