I have an old DB that contains some email to role mappings. I would like to use an action to pull in those mappings and inject them into the JWT as custom claims. Is this possible/recommended? Is there documentation on how to do this?
Also if I do it is it considered an external DB and does that increase my subscription price.
Thanks for contacting us at Auth0 Community.
I would recommend interfacing your old DB with an API (that can only do specific things) instead of connecting to your old DB directly from an Action. You can then use a package like Axios to connect to the API and get the data you need such as role mappings for a particular email address which would map to the user being registered in Auth0. You’ll need to use a Pre Registration Action and add the roles to the user_metadata https://auth0.com/docs/customize/actions/flows-and-triggers/pre-user-registration-flow#store-a-user-id-from-another-system-in-the-user-profile
Once the roles are in user_metadata, you might create a Post Login Action to add those roles from user_metadata into a users ID Token as custom claims https://auth0.com/docs/customize/actions/migrate/migrate-from-rules-to-actions#convert-custom-claims-in-tokens (After section)
This should get you started but let us know if you have any specific questions on any of this.
Assuming I did it this way how would I get a client cred token to communicate with the API? Would I have to use axios to call
/token or is there an easier way to handle this in an action?