Set ID Token Claims using Actions

lihua.zhang · August 11, 2022, 10:06pm

Last Updated: Aug 12, 2024

Overview

This article details how to set ID Token claims using Actions.

It is possible to populate ID Tokens and Access Tokens (AT) with custom claims using a Post Login Action.

Our Post Login Actions have access to two objects that offer different features. These objects are:

The Event object offers access to Properties related to the Authentication Request, such as client ID, connection name, transaction, etc.

The API object provides a set of Methods that can be used to perform different actions, such as adding custom claims.

To add a custom claim to an ID Token, use the following function:

api.idToken.setCustomClaim(name, value);

A complete Post Login Action that adds a custom claim to the ID Token would look like this:

exports.onExecutePostLogin = async (event, api) => {
    api.idToken.setCustomClaim('my-custom-claim', 'my-value');
};

Similarly, it is possible to add Custom Claims to an Access Token by referencing it before calling the setCustomClaim function:

api.accessToken.setCustomClaim('my-custom-claim', 'my-value');

Topic		Replies	Views
Set Access Token Claims Using Actions Knowledge Articles access-token , claim , action	1	2003	August 11, 2022
Adding custom claims to tokens Knowledge Articles id_token , access-token , custom-claims , actions	1	7065	June 3, 2022
Can only seem to set custom claim on id token not access token Help extensibility , actions-extensibility	2	824	August 14, 2023
Cannot add custom claim to access token via Actions Help actions	2	2570	January 8, 2024
Custom claims not added to tokens in post-login Action flow Help	4	3525	October 1, 2021