Today we encountered an issue in our dev environment. After some digging it turned out that all the custom claims on our
access_token were gone. So I started debugging the rule that provided these claims. Turns out that
user.app_metadata was now
undefined, though a new field
user.metadata had the same content as
user.app_metadata did previously.
Was this an intentional breaking change or is this a bug? Our production environment still works with the exact same rule contents.
Any insight into this issue would be very welcome
We are using
auth0-js - v8.7.0 (https://github.com/auth0/auth0.js)
- The auth requests affected use the following endpoint, with parameters something like this:
- response_type=“id_token token”
- + scope, client_id, redirect_uri, state, nonce, audience
- Database connection only
- As far as I know, only I encountered it because no one else worked on this area before I made a fix to the rule. I can remove the fix and try with a few different users if necessary.
- This happened every time from when I started to notice it. Since I adjusted the rule, I do not know if this still is an issue.
This just occurred now on our production environment:
Same behavior as dev environment. Seems to affect all users the same.