I originally asked a similar question last year (Cannot Access Mapped SAML properties Inside Custom Action). The issue still persists so I am still using a custom Rule to access the SAML response field.
I would like to migrate over to Actions since those are recommended and Rules are set to be deprecated very soon (sometime in 2022). That response states:
First, I’d like to address that we will continue to support Rules until its deprecation sometime in the second half of 2022. By that time, all of the features in Rules will be integrated and available in Actions.
I really want to use Actions but this is blocking me. My setup looks like this:
My Enterprise SAML Mappings
"custom_saml_groups": [
"http://schemas.auth0.com/group"
]
My New Action
exports.onExecutePostLogin = async (event, api) => {
const customGroups = event.user.custom_saml_groups; // THIS DOES NOT EXIST
if (customGroups === 'MyExpectedGroup') {
api.user.setAppMetadata('app_group', 'SpecialGroup');
}
}
Whereas, my current Rule still works:
function(user, context, callback) {
const customGroups =user.custom_saml_groups; // THIS EXISTS
if (customGroups === 'MyExpectedGroup') {
const meta = user.app_metadata;
meta.app_group = 'SpecialGroup';
auth0.users.updateAppMetadata(user.user_id, meta);
}
}
Another community member recommended fetching the user from the Management API, but SGO said that wasn’t a scalable solution because of rate limits.
Is there any update on when this will be available in Actions and/or if there is a solution out there? There is no way to map SAML claims to app_metadata
so my only option is to use Rules/Actions.
Thank you,
David