Upcoming change to non-namespaced custom claims

We received a notification that a number of our Auth0 tenants will affected by the upcoming change to non-namespaced claims (this one). However I reviewed the migration advice and could not see any actions because:

  • we have no type:depnote entries in our logs (or none are being returned when I search for them)
  • our tokens are larger than I’d like (sometimes around ~2KB) but are nowhere near the 100KB limit
  • we are not setting any non-namespaced claims in id token or access token at all
  • we are only using our own domains as namespaces, and not any Auth0 domains

So I’m stumped as to why we got this notification and why these tenants were highlighted in particular. Normally I’d just dismiss this and move on, but a subset of our tenants were explicitly named (" We have detected that [list of nine tenants] may be doing one of the following operations via Actions / Hooks / Rules:…") so I’d really like to understand what’s going on.

Has anyone else had this? Is there anything I should be looking for other than the items I described, or should I just go ahead and flip the “Migrations > Legacy Custom Claims” for some tenants to just try this out?

Hi @sean.mclemon1,

Thanks for reaching out. I would be happy to take a look and see if I can find anything that is triggering the notification/warning. You can DM me the name of the tenants.

@dan.woda Hey, Dan. Have you resolved the question? My company got same letter about " hange to Non-Namespaced Custom Claims behavior". We also dont have any deprecation notices in the logs, neither we use custom claims. What should we do?

Hi @nikita.yaskevich,

The email should contain a list of tenants and possible operations that are causing you to receive the notice.

Take a look at that list and see if any of the tenants are performing any operations listed.

Let me know if you have questions.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.