Users App_metadata not getting updated when multiple application involved

Hi,

I have this issue of user’ s app_metadata not getting updated in certain scenario. To make sure i can reproduce the same issue i did the same in a new tenant and its still happening.

User case:

I have two application (both M2M application)
1 Application A (client_name: custom_app_one)-> connected to a custom Database connection (name: database_one)
2. Application B (client_name name: custom_app_two) → custom Database connection (name: database_two).

In post login action i want to add specific info to app_metadata based on the application the user logs in from.

In custom database Login script i am returning

database_one

callback(null, {
user_id: user.user_id,
email: user.user_email,
app_product: {
“id”: 1,
“name”: “product A”,
“uid”: “1234”
},
})

database_two

callback(null, {
user_id: user.user_id,
email: user.user_email,
app_product: {
“id”: 2,
“name”: “product B”,
“uid”: “5678”
},
}).

Issue:

In post login action script i am receiving the app_product data associated to the applications(custom_app_one and custom_app_two).

The issue is in one scenario post login action is not updating app_metadata .

Working: (Oder in which you login is important)
Login through custom_app_two → User’s app_metadata is added
Login through custom_app_one → User’s app_metadata is appended to the existing one

Not Working:
Login through custom_app_one → User’s app_metadata is added.
Login through custom_app_two → User’s app_metadata is not being appended.

I was able to confirm that the app metadata is not added in auth0 (User Management → Users
→ click user that is logged in → App Metadata).

Sample script in post login action

exports.onExecutePostLogin = async (event, api) => {
try {
if (event.authorization) {
if (event.transaction) {
switch (event.transaction.protocol) {
case ‘oauth2-refresh-token’: {
break;
}
case ‘oauth2-password’: {
if (event.client.name === ‘custom-app_one’) {
api.user.setAppMetadata(event.client.name, event.user.app_product);
} else if (event.client.name === ‘custom-app-two’) {
api.user.setAppMetadata(event.client.name, event.user.app_product);
}
break;
}
default: {
break;
}
}
}
}
} catch (err) {
console.log(err);
api.access.deny(Internal error ${err})
}
};

I need the app_metadata updated so that i can use to generate new access tokens when refresh token is used to get new access tokens. Currently i haven’t added it in the sample code above.

Any help to solve this issue is much appreciated.