Overview
This article explains why a user's metadata resets to its original state on every login when the user authenticates through a Custom OAuth2 Social Connection.
Applies To
- Custom OAuth2 Social Connection
Cause
This issue can occur if the Fetch User script sets user metadata and the connection’s "Sync user profile attributes at each login" setting is enabled. Under these conditions, any update made to the user's metadata after login is lost when the Fetch User script runs again on the next login.
Example script that is setting app_metadata on each login:
function(accessToken, ctx, cb) {
  console.log('--fetch user profile--');
  console.log(new Date().getTime());
  // Fetch the profile from the upstream identity provider
  request.get('https://{tenant_domain}/userinfo', {
      headers: {
        'Authorization': 'Bearer ' + accessToken,
      },
      json: true
    },
    function(e, r, profile) {
      if (e) return cb(e);
      if (r.statusCode !== 200) return cb(new Error('StatusCode: ' + r.statusCode));
      profile.user_id = profile.sub;
      // Runs on every login, so app_metadata is reset to this value each time
      profile.app_metadata = {"foo":"bar"};
      cb(null, profile);
    });
}
Any changes made to app_metadata will be overwritten on the next user login.
Solution
It is recommended that the Fetch User script be kept as simple as possible. If a user’s metadata is expected to change, set it on the user profile in a Post-Login Action on the user’s first login, by checking if event.stats.logins_count == 1, instead of setting it in the Fetch User script.
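The following Post-Login Action is an added example, not code from the original article: it seeds app_metadata only on the first login, so later changes survive. CONNECTION_NAME and DEFAULT_APP_METADATA are assumed values, and simulateLogins is a constructed harness that replays two logins against a fake api object.

```javascript
// Added example: seed app_metadata once, in a Post-Login Action,
// instead of on every login in the Fetch User script.
const CONNECTION_NAME = "my-custom-oauth2";   // assumption: hypothetical connection name
const DEFAULT_APP_METADATA = { foo: "bar" };  // same sample value as the script above

const onExecutePostLogin = async (event, api) => {
  // Only act for the custom OAuth2 connection this fix targets.
  if (event.connection.name !== CONNECTION_NAME) return;
  // Seed on the first login only; later logins must not touch metadata.
  if (event.stats.logins_count !== 1) return;

  const existing = event.user.app_metadata || {};
  for (const [key, value] of Object.entries(DEFAULT_APP_METADATA)) {
    // Do not clobber a key that was provisioned before the first login.
    if (!(key in existing)) api.user.setAppMetadata(key, value);
  }
};

// Entry point the Actions runtime looks for.
if (typeof exports !== "undefined") exports.onExecutePostLogin = onExecutePostLogin;

// Constructed harness (not part of the deployed Action): replays two logins
// against a fake `api` to show that a change made between logins survives.
async function simulateLogins() {
  const user = { app_metadata: {} };
  const api = {
    user: { setAppMetadata: (k, v) => { user.app_metadata[k] = v; } },
  };
  const login = (n) => onExecutePostLogin(
    { connection: { name: CONNECTION_NAME }, stats: { logins_count: n }, user },
    api
  );

  await login(1);                      // first login seeds foo=bar
  const afterFirst = { ...user.app_metadata };
  user.app_metadata.foo = "changed";   // metadata updated after login
  await login(2);                      // second login leaves it alone
  return { afterFirst, afterSecond: { ...user.app_metadata } };
}
```

When deploying, keep only the constants and the handler, and remove the app_metadata assignment from the Fetch User script so the two do not conflict.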