We have a passwordless solution set up and have an action that embeds roles / permissions to the user object response from auth0. Having real trouble though because in all of our environments EXCEPT production we receive the “picture” key with the URL for the gravatar. I tried the custom actions for this project and it logs the URL perfectly fine in Auth0 control panel but even trying to add it manually via
api.idToken.setCustomClaim('picture', {{basically anything}})
doesnt work, the key is just non-existant when we receive the idToken in production.