Auth0, Custom Claims, and Multiple Protocols
We have several custom claims defined in Auth0 that we need to send down to our client application. We set up a custom rule that maps them into the ID token as fully namespaced properties (Auth0 requires custom claim names to be URLs). This worked fine over OIDC, but over SAMLP the claim names came out garbled: each was prefixed with an Auth0 URL and the '.' characters in the namespace were replaced by ';'. Declaring the claims through the SAML configuration object (context.samlConfiguration.mappings) gave us properly namespaced SAML attributes, but the garbled copies were still emitted alongside them. The fix was to set either the ID token claims or the SAML mappings, never both, by branching on context.protocol. One caveat worth keeping in mind: end users can be granted the ability to edit their own user_metadata (the Management API's update:current_user_metadata scope), so a claim that the client uses to make authorization decisions should be sourced from app_metadata rather than user_metadata.
// Auth0 rule: persists a default value for the custom claim and exposes it to
// the application in the form the current protocol expects.
function addPersistenceAttribute(user, context, callback) {
  user.user_metadata = user.user_metadata || {};
  user.user_metadata.custom_claim = user.user_metadata.custom_claim || 'My Value';

  if (context.protocol === 'samlp') {
    // SAML: declare the attribute via the SAML mappings (attribute name -> user
    // profile path) instead of the ID token; setting both makes Auth0 emit a
    // mangled copy of the namespaced claim next to the correct one.
    context.samlConfiguration.mappings = {
      "https://www.myapp.com/claims/custom_claim": "user_metadata.custom_claim"
    };
  } else {
    // OIDC: custom claims must be namespaced with a URL or Auth0 drops them.
    const namespace = 'https://www.myapp.com/claims/';
    context.idToken[namespace + 'custom_claim'] = user.user_metadata.custom_claim;
  }

  // Persist the (possibly defaulted) metadata, then hand control back to Auth0.
  auth0.users.updateUserMetadata(user.user_id, user.user_metadata)
    .then(function () {
      callback(null, user, context);
    })
    .catch(function (err) {
      callback(err);
    });
}
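Rules are awkward to debug inside the Auth0 dashboard, so it helps to run them offline against a stubbed context before deploying. The harness below is an added example, not code from the original post or from Auth0: it stubs the `auth0` global and the parts of `context` the rule touches (`protocol`, `idToken`, `samlConfiguration`), runs the rule once per protocol, and returns which claims ended up where, so you can confirm that the SAML path never writes to the ID token and the OIDC path never touches the SAML mappings. The `runRule` and `isAllowedNamespace` helpers, the sample user ID and the reserved-domain list are assumptions of this example; the real rule context carries many more fields than are stubbed here.

```javascript
// Added example: offline harness for the protocol-switching Auth0 rule.
// Everything below (stub context, stub auth0 client, sample user) is constructed
// for the test and is not exported by Auth0.

const NAMESPACE = 'https://www.myapp.com/claims/';

// Auth0 drops custom claims whose name is not a URL or whose namespace uses one
// of its reserved domains (auth0.com, webtask.io, webtask.run at the time of
// writing; check the current docs). This mirrors that rule for local checks.
const RESERVED_DOMAINS = ['auth0.com', 'webtask.io', 'webtask.run'];
function isAllowedNamespace(ns) {
  let url;
  try { url = new URL(ns); } catch (e) { return false; }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return false;
  return !RESERVED_DOMAINS.some(function (d) {
    return url.hostname === d || url.hostname.endsWith('.' + d);
  });
}

// Stub of the `auth0` global available inside rules. It records writes instead
// of calling the Management API and returns a thenable that settles
// synchronously, so the harness can read the outcome without awaiting (a real
// Promise would defer the callback to a microtask).
const persistedMetadata = {};
function settled(value) {
  return {
    then(onFulfilled) { return settled(onFulfilled(value)); },
    catch() { return this; }
  };
}
const auth0 = {
  users: {
    updateUserMetadata(userId, metadata) {
      persistedMetadata[userId] = JSON.parse(JSON.stringify(metadata));
      return settled(undefined);
    }
  }
};

// The rule under test, same behaviour as the one in the post.
function addPersistenceAttribute(user, context, callback) {
  user.user_metadata = user.user_metadata || {};
  user.user_metadata.custom_claim = user.user_metadata.custom_claim || 'My Value';

  if (context.protocol === 'samlp') {
    context.samlConfiguration.mappings = {
      [NAMESPACE + 'custom_claim']: 'user_metadata.custom_claim'
    };
  } else {
    context.idToken[NAMESPACE + 'custom_claim'] = user.user_metadata.custom_claim;
  }

  auth0.users.updateUserMetadata(user.user_id, user.user_metadata)
    .then(function () { callback(null, user, context); })
    .catch(function (err) { callback(err); });
}

// Runs the rule once for `protocol` ('samlp', or an OIDC value such as
// 'oidc-basic-profile') and returns what it left behind: ID token claims, SAML
// mappings, and the metadata the stub "persisted". `existingMetadata` lets you
// exercise both the defaulting path and the path where a value is already set.
function runRule(protocol, existingMetadata) {
  const user = { user_id: 'auth0|example-user', user_metadata: existingMetadata };
  const context = { protocol: protocol, idToken: {}, samlConfiguration: { mappings: {} } };
  let result = { err: new Error('callback was not invoked') };
  addPersistenceAttribute(user, context, function (err, u, ctx) {
    if (err) { result = { err: err }; return; }
    result = {
      err: null,
      idToken: ctx.idToken,
      samlMappings: ctx.samlConfiguration.mappings,
      persisted: persistedMetadata[u.user_id]
    };
  });
  return result;
}
```

Run it with `node` and compare the two results: over SAML the claim should appear only under `samlMappings`, keyed by the full URI; over OIDC it should appear only in `idToken`. If a claim shows up in both, you have reproduced the duplicate-attribute problem the post describes.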