Mystery "personal data" fields in password policy

markd · July 26, 2021, 1:31pm

ref: Password Options in Auth0 Database Connections

The “personal data” checks include checks against:

user_metadata.name
user_metadata.first
user_metadata.last

Does anyone know what these are? I’ve not seen them before despite being on Auth0 for over 4 years. There are, or should be, no standard fields in user_metadata. I mean, I know what they are supposed to be, first name, last name, etc., but should these checks not reference the root family_name, given_name, …? Or is this just an error in the docs?

dan.woda · July 26, 2021, 3:17pm

Hi @markd!

Let bring this question to our field team. I’ll report back here with the response.

dan.woda · August 23, 2021, 4:32pm

Hi @markd,

I apologize for the delayed response. You are right in saying that we should expect no standard claims in the user_metadata object. I can’t find a direct answer as to ‘why’ this exists, other than that it is an artifact from a historical implementation.

I’ve recorded this as product feedback.

system · September 7, 2021, 4:32pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Why is the first and last name not showing correctly in the user database Help login-experience , new-universal-login-experience	7	696	April 18, 2024
New user metadata fields not included in claims Help	1	1103	October 27, 2022
Accessing user_metadata in Auth0 Action Help auth0 , change-password	4	4775	March 11, 2022
Add User Metadata to Universal Login Help login-experience , signup-prompt-new-experience	4	2304	December 15, 2022
Disallow Personal Data in Password Help password	3	2578	July 23, 2021

Mystery "personal data" fields in password policy

Related Topics