How to update idTokenClaims for express-openid-connect

Get Help
1

Please include the following information in your post:

I have a use case where I need to update the users idTokenClaims (req.oidc.idTokenClaims email_verified field in my node web/express application once the user has verified its email.

Currently if the user verifies his email and I try to do a silent login as stated here with a next js example, but the information inside req.oidc.idTokenClaims do not update after the re-login is successful

Additionally I saw the same question asked here but it has not been answered.

code snipite:


server.get("/user", requiresAuth(), async (req, res) => {
    return res.status(200).json(req.oidc.idTokenClaims);
});

server.get("/refresh", (req, res) => {
  res.oidc.login({
    authorizationParams: {
      prompt: "none",
    },
    returnTo: `http://localhost:${port}`,
  });
});
2

This is an ancient thread, but I’m going to drop a tip here in case it is useful to someone in the future. the email_verified field in idTokenClaims should be considered “read-only” by your app. It refers to whether the user email has been marked verified in the auth0 users database. If a user verifies their email e.g. by clicking an email verification link sent by Auth0, then this flag will be true. You can update the flag using the Management API by using the Update User endpoint, setting email_verified to true. Or if you’re creating the user yourself using the API and the email is known-good, you can set email_verified to true when the user is created with Create a user