Issue with rules based login, was working 2 weeks ago and now not

function updateTokenClaims(user, context, callback) {
  if (context.clientID === "") {
    if (user.email === "kav.khalsa@example.com") {
      context.idToken["http://www.myexample.com/roles"] = [
        "user",
        "moderator",
        "admin",
      ];
    } else if (user.email === "kenny.khalsa@emample.com") {
      context.idToken["http://www.myexample.com/roles"] = ["user"];
    } else {
      context.idToken["http://www.myexample.com/roles"] = ["guest"];
    }
  }
  callback(null, user, context);
}

This is my rule for the Auth Pipeline. I retrieve the JWT information via the getIdTokenClaims() method in the auth0.spa.js sdk. I could retrieve the user role information about a week ago. But it’s no longer working and I do not know why. Has there been an update? What could I be doing wrong here? Thanks.

It’s hard to say with this information; given the rule is apparently redacted I’m assuming the conditionals for client and user related conditions are correct. With those conditions being correct the namespaces would also be correct if they are a URL that is not using one of the internal domains that are disallowed. I guess they are not since this worked at one point in time.

I would likely start with instrumenting the rules with console.log statements and use webtask real-time logs extension to see the output. If you have more rules enabled, it may be worth it to do a quick test with just the custom claims one.

If you confirm the rule is working as expected we would likely need to review the request that requests the tokens to be issued in the first place. Also, a quick way for you to check it’s not rules would be to add a custom claim that is not within a condition and with a hardcoded value.
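The two checks suggested in the reply (console.log instrumentation and an unconditional hardcoded claim), as an added example that is not part of the original thread. The role branches are shortened, and `EXPECTED_CLIENT_ID`, the `debug` claim name, the `runRule` harness and the sample inputs are assumptions made for illustration.

```javascript
// Added example: placeholder values, not the poster's real configuration.
const NS = "http://www.myexample.com/"; // namespace used by the rule in the post
const EXPECTED_CLIENT_ID = "CLIENT_ID_PLACEHOLDER"; // assumption: redacted in the post

function updateTokenClaimsDebug(user, context, callback) {
  // Unconditional, hardcoded claim: if this is missing from the ID token,
  // the rule did not run or the claim was dropped, whatever the conditions say.
  context.idToken[NS + "debug"] = "rule-ran";

  // Shows the exact values the conditions below compare against.
  console.log("rule input:", JSON.stringify({
    clientID: context.clientID,
    email: user.email,
  }));

  if (context.clientID === EXPECTED_CLIENT_ID) {
    const roles = user.email === "kav.khalsa@example.com"
      ? ["user", "moderator", "admin"]
      : ["guest"];
    context.idToken[NS + "roles"] = roles;
    console.log("roles set:", roles.join(","));
  } else {
    console.log("clientID condition false, no roles claim added");
  }
  callback(null, user, context);
}

// Local harness (hypothetical helper): runs a rule with constructed inputs
// and returns the ID token claims it produced.
function runRule(rule, email, clientID) {
  const context = { clientID, idToken: {} };
  let claims = null;
  rule({ email }, context, (err, _user, ctx) => {
    if (err) throw err;
    claims = ctx.idToken;
  });
  return claims;
}

// Constructed cases: matching client, unknown user, different client.
const admin = runRule(updateTokenClaimsDebug, "kav.khalsa@example.com", EXPECTED_CLIENT_ID);
const guest = runRule(updateTokenClaimsDebug, "someone@example.com", EXPECTED_CLIENT_ID);
const other = runRule(updateTokenClaimsDebug, "kav.khalsa@example.com", "OTHER_CLIENT_PLACEHOLDER");
console.log(admin, guest, other);
```

In the third case only the debug claim is present, which separates "the rule ran but a condition was false" from "the rule never ran". Remove the logging once the cause is found, since it writes user email addresses to the logs.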
