Expose the app_metadata in custom Login flow action

Actions
Sep 10, 2025
Overview
I can't find how I can expose the app_metadata in the token returned by the API.
I have metatdata like this:
{
"first_name": "Tim",
"institution_id": 2056,
"last_name": "Gitchel",
"idp_id": 15,
"calendar_url": "https://us06web.zoom.us/j/81685?pwd=<redacted>"
}
I want the calendar_url to be exposed in the user token. I have an action that exposes the roles like the below and would like to know how to add the app_metadata.
exports.onExecutePostLogin = async (event, api) => {
if (event.authorization) {
api.idToken.setCustomClaim(`user_roles`, event.authorization.roles);
}
}
Solution
You can use a Post Login Action similar to what you have already, something like the below should work:
  
exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://myapp.example.com';

  if (event.authorization) {
  // Set claims
    api.idToken.setCustomClaim(`${namespace}/calendar_url`, event.user.app_metadata.calendar_url);
  }
};

There's an example here as to how you might extract user information from metadata just for info https://auth0.com/docs/manage-users/user-accounts/metadata/manage-user-metadata

See here for information on custom claims, best practice is to use name-spaced claims to avoid name collisions now and in the future, however this is no longer necessary providing you follow these guidelines https://auth0.com/docs/secure/tokens/json-web-tokens/create-custom-claims#non-namespaced-guidelines

Recommended content

No recommended content found...
Need more help? Visit the Community
Visit the Auth0 Community