How do I cache a m2m token in a Auth0 Action

I am using a node action. It needs to call another service I have that caches some claim information…

const axios = require('axios').default;

const getToken = async (secret, audience, scope)=>{
  const tokenResult = await axios.post('https://.../oauth/token', {
    "grant_type": "...",
    "client_id" : "...",
    "client_secret": secret,
    audience,
    "scope":"service:identity"
  });
  return tokenResult.data["access_token"]
}

const getCorp = async (email, domain, secret)=>{
  const token = await getToken(secret, "...", "...")
  const corpResult = await axios.get(`${domain}/corporate?email=${email}`, {
    headers: {
      "Authorization": "Bearer "+token
    }
  });
  console.log("What we get back is ", corpResult.data);
  return corpResult.data;
}

exports.onExecutePostLogin = async (event, api) => {
  console.log("Running...");
  if (event.authorization && event.user.email != null){
    ...
    corp = await getCorp(event.user.email, event.secrets.API_DOMAIN, event.secrets.CLIENT_SECRET);
    ...
  }
};

This works but since the action can’t cache the value it requests a new M2M token every time. Is there a way to cache the token so that I am only getting a new one when I need to (expiry, etc)?

Based on this answer (Caching resources in Actions) and this documentation (Cache Expensive Resources in Rules) it looks like I need to use Rules instead?

@jgleason You are correct, there is currently no way to cache tokens in Actions, you will need to use Rules for now to do what you are looking for.

This is a common ask from the community. There is a feedback post (although not limited to token caching in just Auth0 Actions) that seems to fit your needs. You can vote on the post and let Auth0 know it is something you are looking for as well and hopefully they can implement a solution for you soon.

1 Like

Thanks for jumping in @gparascandolo! @jgleason Please do upvote the feedback request, like @gparascandolo this is a common ask and the more engagement we can get on the request the better :crossed_fingers: