v2 API: user session metadata in Zitadel's action?
As the title says, is it possible to create a user session using v2 Beta API where some custom metadata are added, and later when creating id_token I would like to trigger action that somehow reads user session metadata and appends custom claims to id_token?
https://zitadel.com/docs/apis/resources/session_service/session-service-create-session
So, I would like to use session metadata in Zitadel's action when session token is exchanged for code (OIDC flow in custom login UI):
https://zitadel.com/docs/apis/actions/complement-token
5 Replies
At the moment the actions on the token are only implemented for the existing hosted login and not yet for the session. in the future we will provide that functionality again on the new sessions but there is no timeline yet
Unknown User•12mo ago
Message Not Public
Sign In & Join Server To View
not yet
Unknown User•5mo ago
Message Not Public
Sign In & Join Server To View
I am very much looking forward to this. As of now it seems that the
/authorize and /token requests aren't really connected in anyway so one cannot e.g.: access information from the authorize request and use that to complement the token.
Actually worse: I don't think there's anyway to access information from the /token request and use that to complement the token at all (unless I'm missing something) - so the "complement token" functionality ends up being very simple and barebones as far as I am aware
I love Zitadel, but this is a limitation that I've yet to overcome and which has been troubling me lately :/