Auth0 Home Blog Docs

Missing app_metadata in post-user-registration hook



Hi there,

I’m trying to implement some post registration logic which leverage some app_metadata to recognize different user flows/journeys.

I cannot see any of the app_metadata in the user object I receive in the hook. The final user definitely have such metadata.

Am I doing something wrong?

Due to the type of data I don’t want to put this in the user_metadata which seems to come through correctly.



Is there any update on this, I’m seeing the same issue too.



Hello cesare/dlm,

Nothing’s wrong on your end, the app_metadata is not presently available to Hooks out of the box. Apologies for the misleading information, we will get that documentation corrected. We do intend to make it available eventually, but I do not have an ETA on that change.

In the meantime, you can use the Management API to access this information. It’s a bit more involved, but I did test this out myself and was able to get at the app_metadata for a newly created user. This example code was inspired by Use the Management API in rules. But since we’re working in a Hook the example below must first obtain an access_token (Get an access token).

important: you can set your client_id, client_secret, and domain as webtask secrets by clicking the wrench icon -> secrets in the top left corner of the hook editor. That will safely make them available as shown in this code snippet. These credentials need to be for a Non Interactive Client with access to your Auth0 Management API.

// example hook accessing app_metadata via the Management API
module.exports = function (user, context, cb) {
  var request = require('request');
  var ManagementClient = require('auth0@2.6.0').ManagementClient;
  var domain = context.webtask.secrets.domain;
  var options = { 
    method: 'POST',
    url: 'https://' + domain + '/oauth/token',
    headers: { 'content-type': 'application/json' },
    body: { 
      grant_type: 'client_credentials',
      client_id: context.webtask.secrets.client_id,
      client_secret: context.webtask.secrets.client_secret,
      audience: 'https://' + domain + '/api/v2/' 
    json: true 

  request(options, function (error, response, body) {
    if (error) throw new Error(error);
    var management = new ManagementClient({
      token: body.access_token,
      domain: domain
    management.getUser({ id: 'auth0|' + }, function (err, enrichedUser) {
      // Access app_metadata with enrichedUser.app_metadata

Let me know how that works out for you, or if you have any questions getting it all set up.

Good luck!

Matt Maddex
Technical Support Engineer


Hi Matt,

thanks for the advice. I just managed to use the approach you suggested and it works fine.

I already had a ManagementClient for other purposes so it was simple to extend to get the full user object.


This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.