Remove Claims from ID Token with Post Login Action

Problem statement

Can the ‘nickname’ and ‘picture’ claims be removed from the ID token after a user authenticates successfully? This was previously possible with Rules. What is the recommended solution for this use case when leveraging Actions?

Solution

The claims are found in the ‘event’ object in Actions, and those values are immutable, so deletion is not possible. To change claims as they appear in an ID Token, use the following pattern to set an alternative value for the claim that indicates it has been removed:

api.idToken.setCustomClaim('picture', undefined);
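
The same pattern applied to both claims from the problem statement, with a check that decodes an issued ID token and reports any of those claims still present. This is an added example, not code from the original page or from Auth0; `makeMockApi`, `decodeIdTokenPayload`, `leakedClaims` and the sample tokens are hypothetical helpers and constructed data.

```javascript
// Added example. Claims named in the problem statement.
const CLAIMS_TO_REMOVE = ['nickname', 'picture'];

// Post Login Action: `event` is read-only, so each claim is overridden via `api`.
const onExecutePostLogin = async (event, api) => {
  for (const claim of CLAIMS_TO_REMOVE) {
    api.idToken.setCustomClaim(claim, undefined);
  }
};
if (typeof module !== 'undefined') module.exports = { onExecutePostLogin };

// Hypothetical test double: records what the Action asked the API to do.
function makeMockApi() {
  const calls = [];
  return { calls, idToken: { setCustomClaim: (name, value) => calls.push({ name, value }) } };
}

// Decode a compact JWT payload for inspection only (no signature verification).
function decodeIdTokenPayload(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Return the unwanted claims that are still present in an issued ID token.
function leakedClaims(jwt, unwanted = CLAIMS_TO_REMOVE) {
  const payload = decodeIdTokenPayload(jwt);
  return unwanted.filter((c) => Object.prototype.hasOwnProperty.call(payload, c));
}

// Constructed sample tokens: made-up claim values and a placeholder signature.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.placeholder-signature`;
}
const TOKEN_BEFORE = makeSampleToken({
  sub: 'auth0|example', nickname: 'jdoe', picture: 'https://example.invalid/a.png',
});
const TOKEN_AFTER = makeSampleToken({ sub: 'auth0|example' });
```

Run `leakedClaims` against an ID token captured from a test login after deploying the Action; an empty array means neither claim is in the token.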