New to the Auth) world but not the realm of SSO. Using the free tier to develop a POC on Drupal 8.
Have created a Rule so that some additional user information can be passed with the identityToken. Specifically, the user’s groups, roles, and permissions are what I am looking to pass back from the Auth0 SaaS server. The user info for the first request matches. If I later go back and add/remove user attributes on manage.auth0.com, the subsequent requests remain the same and do not reflect the updates. It appears that there is some caching occurring inside Auth0 as console.log messages show the source of the information is stale.