Hi @walter.adbe,
Thanks for reaching out to the Auth0 Community!
It appears that the way you have written your Post-Login Action script to append user_metadata and app_metadata properties to the access token does not consider the condition where the user is authenticating against the SPA or M2M.
Consider using a conditional statement to check which app the user is authenticating against when appending custom claims. For example:
```javascript
exports.onExecutePostLogin = async (event, api) => {
  // Namespace prefix for the custom claims
  const namespace = "http://yourNamespace/";
  // Only add claims when an authorization is being issued
  if (event.authorization) {
    if (event.client.name === 'SPA') {
      // Claims for the application named 'SPA'
      api.accessToken.setCustomClaim(`${namespace}user_metadata`, event.user.user_metadata);
      api.accessToken.setCustomClaim(`${namespace}app_metadata`, event.user.app_metadata);
    } else if (event.client.name === 'M2M') {
      // Claims for the application named 'M2M'
      api.accessToken.setCustomClaim(`${namespace}user_metadata`, event.user.user_metadata);
      api.accessToken.setCustomClaim(`${namespace}app_metadata`, event.user.app_metadata);
    }
  }
};
```
Doing it this way will only append custom claims based on the application the user logs into.
Please let me know if you have any questions.
Thanks,
Rueben
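
An added example, not part of the reply above or Auth0's own code: the same per-application check keyed on `event.client.client_id` instead of the display name, copying only allowlisted metadata keys into the access token and adding nothing for unknown clients. The client IDs, metadata keys, `CLAIM_POLICY`, `pick`, `applyClaims`, `mockApi` and `sampleEvent` are assumptions made for illustration.

```javascript
// Added example; client IDs and metadata keys are constructed placeholders.
const NAMESPACE = "http://yourNamespace/";

// Per-application allowlist keyed on client_id, which is stable; names can be edited.
const CLAIM_POLICY = new Map([
  ["SPA_CLIENT_ID_PLACEHOLDER", { user_metadata: ["locale"], app_metadata: ["roles"] }],
  ["M2M_CLIENT_ID_PLACEHOLDER", { user_metadata: [], app_metadata: ["roles", "tenant"] }],
]);

// Copy only the allowlisted keys that are present on the source object.
function pick(source, keys) {
  const out = {};
  for (const key of keys) {
    if (source && Object.prototype.hasOwnProperty.call(source, key)) out[key] = source[key];
  }
  return out;
}

// Set namespaced claims for known clients; unknown clients get none (default deny).
function applyClaims(event, api) {
  const policy = CLAIM_POLICY.get(event.client.client_id);
  if (!event.authorization || !policy) return false;
  for (const field of ["user_metadata", "app_metadata"]) {
    const subset = pick(event.user[field], policy[field]);
    if (Object.keys(subset).length > 0) {
      api.accessToken.setCustomClaim(`${NAMESPACE}${field}`, subset);
    }
  }
  return true;
}

// Entry point Auth0 calls for the Post-Login trigger.
const onExecutePostLogin = async (event, api) => { applyClaims(event, api); };
if (typeof exports !== "undefined") exports.onExecutePostLogin = onExecutePostLogin;

// Minimal stand-in for the Actions `api` object, for local checks only.
function mockApi() {
  const claims = {};
  return { claims, accessToken: { setCustomClaim: (k, v) => { claims[k] = v; } } };
}

// Constructed sample event for a given client_id.
const sampleEvent = (clientId) => ({
  authorization: {},
  client: { client_id: clientId },
  user: {
    user_metadata: { locale: "en", phone: "555-0100" },
    app_metadata: { roles: ["reader"], internal_note: "constructed" },
  },
});
```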