How to get a new access token after updating a custom property?
On my Next.js page (which is a Server Component), I have an authenticated user which I add a custom property for using the Management API.
After adding the property, I’d like to get a new access token that contains the newly added property.
I tried refreshing user claims and tokens, but it didn’t work:
import { getKindeServerSession } from "@kinde-oss/kinde-auth-nextjs/server"; const { getAccessTokenRaw, refreshTokens } = getKindeServerSession(); const accessToken = await getAccessTokenRaw(); // no custom property yet // custom property is added to the user here using the Management API await Users.refreshUserClaims({ userId }) await refreshTokens(); const newAccessToken = await getAccessTokenRaw(); // still no custom propertyHow could I get a new access token that contains the new property (without having the user to login again)?
I also tried revoking the existing access token, but no luck:
import { Oauth } from "@kinde/management-api-js"; await Oauth.tokenRevocation({ formData: { token: accessToken, // existing raw access token client_id: process.env.KINDE_MANAGEMENT_CLIENT_ID, client_secret: process.env.KINDE_MANAGEMENT_CLIENT_SECRET, }, }) // this still returns the old access token const newAccessToken = await getAccessTokenRaw()
Hey Misha, just want to check that the new property is set to Public and not Private.
hey thanks for raising this, it may seem a bit hacky, but I think if you redirect to /api/auth/login
after refreshTokens
it might work
For some reason the refreshTokens function is only refreshing user claims (not including added properties 😞 ) - I’ll look into this for you
Any news on this one?
It’s very cumbersome to redirect to /api/auth/login
because I need to make an API call with the updated access token before redirecting users to the homepage.
Hey , I'm also having this issue. I want to essentially refresh to token on page refresh incase a users org/role has changed
Just an update for now: refreshTokens
is only refreshing user claims, not included properties and org/role changes
I will prioritise and put a change ASAP and keep you guys in the loop
Hey , what’s your gut feel on when a fix will be deployed?
It’s quite a blocker for us, so trying to figure out a plan.
Hey, so I can see it works if the users role has been updated but not if their org has, so I don't get a list of the new orgs
What’s the expected behaviour now?
I just checked @kinde-oss/kinde-auth-nextjs v2.3.1 and if I getAccessTokenRaw()
after refreshTokens()
I still can’t see the newly set custom property.
Hey & , I’ll continue to look today - I think the new Orgs should be fixable
for custom properties, which API endpoint are you hitting?
To future readers, the issue in my case was that I was calling refreshTokens()
in a page component. Since HTTP doesn’t allow setting cookies after streaming starts, I had to move the refreshTokens()
call to a route handler, and now everything works as expected. Special Thank You to who jumped on a call today to sort this out.