Post-Login Action not adding email to access token

I want to add the user’s email as a custom claim on my API access token. Following these instructions, I created a Post-Login Action to do so:

exports.onExecutePostLogin = async (event, api) => {
    // This adds the authenticated user's email address to the access token.
  if (event.authorization) {
    const namespace = ''; // this is my token issuer

The test doesn’t allow me to see what the modified access token will look like, like Rules tests did, but all seems ok here:

The Action is included in the Login flow:

But when I get an access token, either using cURL or getAccessTokenSilently, it doesn’t include the custom claim:

I see that the Action runs in the logs for login events, but it doesn’t appear to run for credential-token exchanges.

How can I fix this and get the custom claim added to the access token fetched via getAccessTokenSilently, which is what I really need the email added to?

Hi @sweet

It appears that you’re using a restricted namespace format. Our documentation states the following:

Use any non-Auth0 HTTP or HTTPS URL as a namespace identifier. Auth0 domains cannot be used as namespace identifiers, and include

Try updating your namespace variable to a value that does not include ‘’.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.