Removing attributes before linking users

I’ve managed to successfully link accounts using a rule. However the response from the SAML provider contains sensitive information which I do not wish to store in the linked identities. It seems that the command delete user.sensitive_field does not remove the attribute before it is converted into the identities array.

Any help would be much appreciated.

Hi @kurtfi,

Welcome to the Community!

Is the field you are updating a metadata field? If this is the case, you need to update the stored user, not just the user object in rules. Changing the user in rules doesn’t have an effect on the actual stored user profile.

Let me know,

Hi Dan, thanks for replying!

I actually solved the issue by updating the connection’s properties beforehand:

const result = await requestPromise({
          uri: `${baseUrl}/connections/${}`,
          method: 'PATCH',
          body: {
            options: {
              non_persistent_attrs: sensitiveUserFields

Hope this helps someone else.


1 Like

Thanks for the update!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.