When Actions are enabled, logins fail for a particular connection - cannot unmarshal string

Problem statement

The users from one of our connections are not able to log in.

I am seeing an error in the logs:
json: cannot unmarshal string into Go struct field .event.user.userMetadata of type map[string]interface {}

But I can’t think of any custom checks we do for the user metadata.

Are you able to see where this error is coming from on your side?

Symptoms

  • json: cannot unmarshal string into Go struct field .event.user.userMetadata of type map[string]interface {}
  • When Actions are disabled, the users can log in
  • Particular connection(s) affected (SAML)

Steps to reproduce

  • This can be reproduced by having another tenant / IdP return a user_metadata attribute in the SAML response.

Auth0 then attempts to place this into the user’s existing user_metadata field and ends up storing it as the string [object Object]. This then causes Actions to fail as they attempt to load the user profile. No actual Action code needs to be present, just an enabled Action in the post-login flow.

Cause

When Auth0 maps user_metadata from a SAML attribute, it will convert an object into a string which causes this issue.

Solution

It is important that the field “user_metadata” is not passed by an external IdP. When Auth0 maps user_metadata from a SAML attribute, it will convert an object into a string and can cause this issue.

Impacted users will need their user_metadata cleared once this is resolved before Actions can function for those users. If it cannot be resolved on the IdP’s side, then turn off profile sync in the SAML connection settings and clear metadata for all existing users and future users.
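To find the accounts that need clearing, the check below scans user records for a user_metadata value that is not a JSON object, which is the condition behind the unmarshal error. It is an added example, not Auth0 code; the newline-delimited record layout, the sample users and the function names are assumptions.

```javascript
// Added example: sample records are constructed; function names are hypothetical.

// Plain string coercion of an object yields the value seen in affected profiles.
function coerceToString(value) {
  return String(value); // an object becomes "[object Object]"
}

// Describe the JSON kind of a value, separating arrays and null from objects.
function jsonKind(value) {
  if (value === null) return 'null';
  return Array.isArray(value) ? 'array' : typeof value;
}

// Absent, null or object metadata decodes into a map; anything else does not.
function isLoadableMetadata(value) {
  return value === undefined || ['null', 'object'].includes(jsonKind(value));
}

// Scan newline-delimited JSON user records; return the users to clear.
function findImpactedUsers(ndjson) {
  const impacted = [];
  ndjson.split('\n').forEach((line, index) => {
    if (!line.trim()) return;
    let user;
    try {
      user = JSON.parse(line);
    } catch {
      impacted.push({ line: index + 1, user_id: null, kind: 'unparseable' });
      return;
    }
    if (!isLoadableMetadata(user.user_metadata)) {
      impacted.push({ line: index + 1, user_id: user.user_id, kind: jsonKind(user.user_metadata) });
    }
  });
  return impacted;
}

// Constructed export: one healthy user, two corrupted, one without metadata.
const SAMPLE_EXPORT = [
  '{"user_id":"samlp|example-idp|alice","user_metadata":{"locale":"en"}}',
  '{"user_id":"samlp|example-idp|bob","user_metadata":"[object Object]"}',
  '{"user_id":"samlp|example-idp|carol"}',
  '{"user_id":"samlp|example-idp|dave","user_metadata":"{\\"team\\":\\"ops\\"}"}',
].join('\n');

console.log(findImpactedUsers(SAMPLE_EXPORT));
```

Each reported user_id is an account whose user_metadata is stored as something other than an object and needs clearing before Actions can load the profile.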

Please note that metadata should only be managed by Actions, Authentication API, Management API, Tenant Dashboard, or the Lock Library.
