Updating Custom Claims After Login Event

I have used Actions with the post-login trigger to add a custom claim to my ID Token. This makes a call to an API of mine and based on that the claims are added. This works very well.

These claims relate to the subscription status of a user. There is a cut-over point when a user subscribes where these claims become stale. I was hoping that calling the /userinfo endpoint that is part of the OIDC specification would return accurate data, but that appears to be cached also, as I get stale data from that endpoint as well.

What is the best way to resolve this with Auth0?

Hi @baynezy,

You could use Silent Authentication to re-authenticate the user without user interaction. Essentially, this would get a new access token with the updated claims.

Thanks,
Rueben
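
The silent re-authentication suggested in the reply above corresponds to an OIDC authorization request with `prompt=none`. The sketch below is an added example, not code from the thread or from Auth0: it builds that request and classifies the callback, including the case where no session exists and an interactive login is needed. The tenant domain, client ID and redirect URI are placeholders, and it assumes a regular web application that exchanges the returned code server-side.

```javascript
// Added example. Placeholders (assumed): domain, clientId, redirectUri.
// OIDC error codes that mean "silent auth is not possible, fall back to interactive login".
const INTERACTION_ERRORS = new Set([
  "login_required",
  "consent_required",
  "interaction_required",
]);

// Build the /authorize request for silent authentication.
// state and nonce must be fresh, unpredictable values generated by the caller
// and stored in the user's session before redirecting.
function buildSilentAuthUrl({ domain, clientId, redirectUri, state, nonce }) {
  const url = new URL(`https://${domain}/authorize`);
  url.search = new URLSearchParams({
    response_type: "code",
    client_id: clientId,
    redirect_uri: redirectUri,
    scope: "openid profile",
    prompt: "none", // never show a login or consent page
    state,
    nonce,
  }).toString();
  return url.toString();
}

// Classify the redirect that comes back to the application.
function parseSilentAuthCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  // Reject responses not bound to the request we sent (CSRF / response mix-up).
  if (params.get("state") !== expectedState) {
    return { status: "rejected", reason: "state_mismatch" };
  }
  const error = params.get("error");
  if (error) {
    return INTERACTION_ERRORS.has(error)
      ? { status: "interactive_login_needed", reason: error }
      : { status: "failed", reason: error };
  }
  const code = params.get("code");
  // On "ok", exchange the code at the token endpoint and check the ID token's
  // nonce before trusting the refreshed claims.
  return code ? { status: "ok", code } : { status: "failed", reason: "missing_code" };
}
```
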
