Set Access Token Claims Using Actions

lihua.zhang · August 11, 2022, 10:25pm

Last Updated: Aug 13, 2024

Overview

This article details how to set Access Token Claims using Actions.

t is possible to populate Access Tokens (AT) or ID Tokens with custom claims using a Post Login Action.

Our Post Login Actions have access to two objects that offer different features. These objects are:

The Event object offers access to Properties related to the Authentication Request such as client id, connection name, transaction, etc.

The API object provides a set of Methods that can be used to perform different actions, such as adding custom claims.

To add a custom claim to an Access Token, use the following function:
```
api.accessToken.setCustomClaim(name, value);
```

A complete Post Login Action that adds a custom claim to the AT would look like this:

exports.onExecutePostLogin = async (event, api) => {
    api.accessToken.setCustomClaim('my-custom-claim', 'my-value');
};

Similarly, it is possible to add Custom Claims to an ID Token by referencing it before calling the setCustomClaim function:
```
api.idToken.setCustomClaim(name, value)
```

Topic		Replies	Views
Set ID Token Claims using Actions Knowledge Articles claims , id-token , actions	1	1946	August 11, 2022
Adding custom claims to tokens Knowledge Articles id_token , access-token , custom-claims , actions	1	7067	June 3, 2022
Can only seem to set custom claim on id token not access token Help extensibility , actions-extensibility	2	824	August 14, 2023
Cannot add custom claim to access token via Actions Help actions	2	2570	January 8, 2024
Custom claims not added to tokens in post-login Action flow Help	4	3525	October 1, 2021