What is the maximum size limit for adding a custom claim to an idToken? I’m debating whether I should use roles and permissions via the custom claims and IdToken. Or just use the management API via an express app. I know I’ll be limited via the rate limit for the management API and I don’t expect to hit that rate limit consistently.
Just curious about the possibilities that I have, any suggestions are welcome.
Thanks for the answer. As noted by one of the stackoverflow answers people have mentioned 8k for HTTP headers size limit, which makes sense. Ok I’ll start off with the putting the roles and permission in the idToken via a rule. If it goes wild then I’ll consider using a backend server to make calls to get roles and permissions for a user.