Get user meta as part of session token

Hi there,

Firstly apologies if this is already answered but I am struggling to find an answer.

We have a login flow using Auth0, and part of that is we need to get some attributes from the user when authenticated. Currently, we are making a new user in the CMS using the email, but we need more details from the user_meta object. How best to do this? I have tried using actions, but I’m getting no change to the session. Can it be done without another API query? Can I just add to the returned authenticated session object?

I’m after any help here. Ideally I’d just like to update the returned session data, as it will only be a few fields, such as names and role. So another API request would be overkill, I feel.

Many thanks for any help.

Hi @chris.alwin,

Welcome to the Auth0 Community and thank you for your post!

You are able to pass more information about a user such as user_metadata to your application by using Custom Claims in order to add more fields to the token. This can be achieved with a Post-Login Action, as mentioned here, in our documentation about metadata.

An example would be as mentioned below:

    exports.onExecutePostLogin = async (event, api) => {
      const namespace = 'https://my-app.example.com';
      api.idToken.setCustomClaim(`${namespace}/user_metadata`, event.user.user_metadata);
    };

You can also check this community post, which references this Knowledge Article about Adding custom claims to tokens.

Additionally you might also be interested in having a look over the Authorization Extension.

I hope this helped.
Best regards,
Remus


Thank you so much!! I am on the right path then. Is there caching on the responses? I ask as I don’t see any changes. I can see in the logs that the Action runs and the console logs out the data I want, but I am still just getting the same user object as part of the session response:

    nickname: 'user',
    name: 'Demo User',
    picture: 'https://s.gravatar.com/avatar/221bbf03138d06df71744ceefa07cce5?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fus.png',
    email: 'user@*****-email.com',
    email_verified: false,
    sub: 'auth0|66c286******d181fb467'

Log output:

thanks

Hi @chris.alwin,

Thank you for your reply!

Generally speaking there shouldn’t be any caching involved, but this depends on the authentication as well. Since this is a post-login action, the process of setting custom claims will happen after the user authenticates, so after a token was already issued. The changes will be seen only when a new token has been generated.

Please let me know if after a new token is issued this is still the case.

Thanks,
Remus

Yeah, I’m still not seeing any change, with different access tokens. I could be looking in the wrong place though; I’m referencing the session that’s created, not a user API endpoint. The first code snippet is the user object that is got from the session user. Ideally where I’d get the updated info.

Hi @chris.alwin,

Thank you for your reply!

As can be seen in the community post that I mentioned earlier as well, with custom claims set on the tokens you can either use the GET user info endpoint to access the metadata from the claims, or you can decode the token using a tool such as jwt.io and see all the claims within it.

Please have a look at our documentation about JWT Claims, Get Access Tokens or GET an ID Token with the right scopes and claims with some sample use-cases being presented under this documentation. Additionally you can also check this blog post.

Thanks,
Remus

Appreciate all your help. I have found the issue, and it is not Auth0 or my configuration, as that was all working as expected. It turns out the NextJS Auth0 SDK has a filter on the session keys. So adding the beforeSessionSaved to the AuthClient setup allows me to view all the info I need. nextjs-auth0/EXAMPLES.md at main · auth0/nextjs-auth0 · GitHub

In case anyone else comes across this, make sure to add the documented function to the client setup for the NextJS implementation.
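
The debugging path from this thread, as an added example that is not part of the original posts and is not the SDK's own code: check whether the custom claim is in the ID token at all, then whether the session layer dropped it, and keep only an allowlist of metadata fields in the session. The metadata keys, the function names and the `(session, idToken)` hook shape are assumptions; the token is decoded without signature verification, for inspection only.

```javascript
// Added example; NAMESPACE matches the Action above, all other names are assumptions.
const NAMESPACE = 'https://my-app.example.com';
const CLAIM = `${NAMESPACE}/user_metadata`;
const ALLOWED_FIELDS = ['first_name', 'last_name', 'role']; // hypothetical metadata keys

// Decode a JWT payload for inspection only. The signature is NOT verified here,
// so this output is for debugging and must not drive authorization decisions.
function decodeJwtPayload(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Tell apart "the Action never set the claim" from "the session layer dropped it".
function locateClaim(idToken, sessionUser) {
  if (!(CLAIM in decodeJwtPayload(idToken))) return 'missing-from-token';
  return CLAIM in (sessionUser || {}) ? 'present-in-session' : 'dropped-before-session';
}

// Keep only allowlisted string fields, so the session never carries the
// whole metadata object (ID token claims are readable by the client).
function pickMetadata(claims) {
  const meta = (claims || {})[CLAIM];
  const out = {};
  if (meta === null || typeof meta !== 'object' || Array.isArray(meta)) return out;
  for (const key of ALLOWED_FIELDS) {
    if (typeof meta[key] === 'string') out[key] = meta[key];
  }
  return out;
}

// Hook-shaped function; the (session, idToken) signature is assumed, and
// session.user is assumed to hold the full ID token claims at this point.
async function beforeSessionSaved(session, idToken) {
  return { ...session, user: { ...session.user, metadata: pickMetadata(session.user) } };
}

// Constructed sample token: placeholder signature, not issued by any tenant.
function makeSampleToken(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(payload)}.placeholder-signature`;
}
```

A result of `dropped-before-session` from `locateClaim` corresponds to the situation found in this thread: the Action and tenant are working, and the filtering happens in the application's session handling.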