Last Updated: Aug 12, 2024
Overview
This article details how to set ID Token claims using Actions.
Applies To
- ID Token
- Claims
- Actions
Solution
It is possible to populate ID Tokens and Access Tokens (AT) with custom claims using a Post Login Action.
Our Post Login Actions have access to two objects that offer different features. These objects are:
The Event object offers access to Properties related to the Authentication Request, such as client ID, connection name, transaction, etc.
The API object provides a set of Methods that can be used to perform different actions, such as adding custom claims.
To add a custom claim to an ID Token, use the following function:
api.idToken.setCustomClaim(name, value);
A complete Post Login Action that adds a custom claim to the ID Token would look like this:
exports.onExecutePostLogin = async (event, api) => {
api.idToken.setCustomClaim('my-custom-claim', 'my-value');
};
Similarly, it is possible to add Custom Claims to an Access Token by referencing it before calling the setCustomClaim function:
api.accessToken.setCustomClaim('my-custom-claim', 'my-value');