How to get the given_name and family_name as soon as user signs up in the auth0 user Object

Hi everyone,

I’m currently facing an issue with Auth0 during the signup process using Universal Login with custom fields.

I’ve created a Pre-User Registration Action to validate and store the first and last name from the signup form, like this:


exports.onExecutePreUserRegistration = async (event, api) => {
    if (!event.user.family_name || !event.user.given_name) {
        if (!event.request.body['ulp-first-name'] || event.request.body['ulp-first-name'].trim() === "") {
            api.access.deny("First name (given_name) is required", "Please provide your first name to complete the registration.");
            return;
        }

        if (!event.request.body['ulp-last-name'] || event.request.body['ulp-last-name'].trim() === "") {
            console.log("Last name (family_name) is not provided, proceeding with registration.");
        }

        api.user.setUserMetadata("given_name", event.request.body["ulp-first-name"] || "");
        api.user.setUserMetadata("family_name", event.request.body["ulp-last-name"] || "");
    }
};

The issue is:
:small_blue_diamond: When the user signs up, the given_name and family_name fields are missing in the ID token and user object.
:small_blue_diamond: But if the user logs out and logs back in, those fields are suddenly available.

I’m assuming this is because they’re stored in user_metadata during signup, and not reflected in the token immediately.

My question:

How can I make sure given_name and family_name are included in the ID token the very first time the user signs up (without needing a second login)?

Do I need to create a Post-Login Action to map user_metadata into token claims manually? Or is there a more “Auth0-native” way to do this?

Thanks in advance for any help or recommendations!

Aditya

Hi @aditya-1

The issue is caused by the fact that whenever you update user data during a Trigger, the access and ID token are being generated and forwarded to the application prior to the updates finalizing. This means that in order to receive a proper token with the updated information of the user you would need to either force re-authentication for the user or perform a silent authentication once they have logged in so that your application can retrieve the new token with all the necessary information.

As you have mentioned, another alternative would be to map the necessary values as custom claims inside the ID token so that you can bypass the need of re-authentication.

Otherwise, you can use a machine-to-machine application to assign roles outside of the Action (e.g., via a backend job triggered post-registration via a webhook or event).

Let me know if you have any other questions!

Kind Regards,
Nik

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.