Welcome to the Kinde community.

Getting a new access token after updating a custom property

How to get a new access token after updating a custom property?
On my Next.js page (which is a Server Component), I have an authenticated user which I add a custom property for using the Management API.
After adding the property, I’d like to get a new access token that contains the newly added property.
I tried refreshing user claims and tokens, but it didn’t work:

import { getKindeServerSession } from "@kinde-oss/kinde-auth-nextjs/server";
import { Users } from "@kinde/management-api-js";

const { getAccessTokenRaw, refreshTokens } = getKindeServerSession();
const accessToken = await getAccessTokenRaw(); // no custom property yet

// custom property is added to the user here using the Management API

// ask Kinde to refresh the user's claims, then refresh the session tokens
await Users.refreshUserClaims({ userId });
await refreshTokens();

const newAccessToken = await getAccessTokenRaw(); // still no custom property
How could I get a new access token that contains the new property (without having the user log in again)?
Any ideas? 🙏


I also tried revoking the existing access token, but no luck:

import { Oauth } from "@kinde/management-api-js";

await Oauth.tokenRevocation({
  formData: {
    token: accessToken, // existing raw access token
    client_id: process.env.KINDE_MANAGEMENT_CLIENT_ID,
    client_secret: process.env.KINDE_MANAGEMENT_CLIENT_SECRET,
  },
})

// this still returns the old access token
const newAccessToken = await getAccessTokenRaw()

Hey Misha, just want to check that the new property is set to Public and not Private.

yes, it’s public, I can see it on the access token if the user signs in manually

Okay. We are looking into it as a priority.

or Be great if you can take a look at Misha's issue.

hey thanks for raising this, it may seem a bit hacky, but I think if you redirect to /api/auth/login after refreshTokens it might work

For some reason the refreshTokens function is only refreshing user claims (not including added properties 😞 ) - I’ll look into this for you

Any news on this one?
It’s very cumbersome to redirect to /api/auth/login because I need to make an API call with the updated access token before redirecting users to the homepage.

Hey, I'm also having this issue. I want to essentially refresh the token on page refresh in case a user's org/role has changed

Just an update for now: refreshTokens is only refreshing user claims, not included properties and org/role changes

I will prioritise and put a change ASAP and keep you guys in the loop

Hey, what’s your gut feel on when a fix will be deployed?
It’s quite a blocker for us, so trying to figure out a plan.

Hey hopefully today 😄

Hey did these changes go live?

Hi, Yes we made a deployment yesterday which should resolve this.

Hey, so I can see it works if the user's role has been updated but not if their org has, so I don't get a list of the new orgs

What’s the expected behaviour now?
I just checked @kinde-oss/kinde-auth-nextjs v2.3.1 and if I getAccessTokenRaw() after refreshTokens() I still can’t see the newly set custom property.

I have pinged to check this. I will see if I can find an answer also

Hey & , I’ll continue to look today - I think the new Orgs should be fixable

for custom properties, which API endpoint are you hitting?

Are you looking for organization or user properties?

I'm looking for orgs

To future readers, the issue in my case was that I was calling refreshTokens() in a page component. Since HTTP doesn’t allow setting cookies after streaming starts, I had to move the refreshTokens() call to a route handler, and now everything works as expected. Special Thank You to who jumped on a call today to sort this out.
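
The check made by hand throughout this thread (is the property in the access token after refreshTokens()?), written as an added example that is not code from the thread or from Kinde's SDK. `refreshAndCheck`, `readClaim`, the fake session and the `plan_tier` claim name are assumptions; in an app, pass the object returned by getKindeServerSession() and call it from a route handler, as the last post describes.

```javascript
// Added example; helper names and the claim path are hypothetical.

// Decode a JWT payload WITHOUT verifying the signature. Diagnostic use only:
// never base an authorization decision on the result, and never log the raw token.
function decodeJwtPayload(rawToken) {
  const parts = String(rawToken).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// Look up a possibly nested claim, e.g. "user_properties.plan_tier".
function readClaim(payload, claimPath) {
  return claimPath.split(".").reduce(
    (node, key) => (node !== null && typeof node === "object" ? node[key] : undefined),
    payload
  );
}

// Refresh, re-read the raw access token, and report whether the claim is present.
// Call this from a route handler so the refreshed cookies can still be written.
async function refreshAndCheck(session, claimPath) {
  const before = readClaim(decodeJwtPayload(await session.getAccessTokenRaw()), claimPath);
  await session.refreshTokens();
  const after = readClaim(decodeJwtPayload(await session.getAccessTokenRaw()), claimPath);
  return { presentBefore: before !== undefined, presentAfter: after !== undefined };
}

// Constructed sample token with a placeholder signature, for an offline run.
function makeToken(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(payload)}.sig`;
}

// Fake session standing in for the SDK: refreshTokens() swaps in a token
// that carries the new property.
function makeFakeSession() {
  let token = makeToken({ sub: "kp_constructed" });
  return {
    getAccessTokenRaw: async () => token,
    refreshTokens: async () => {
      token = makeToken({ sub: "kp_constructed", plan_tier: "pro" });
    },
  };
}
```

If `presentAfter` is false when this runs inside a page component but true inside a route handler, the refreshed cookies are not reaching the browser, which is the failure described in the last post.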
