Actions Migration Limitations

To take advantage of the features provided by Auth0 Actions, you may need to migrate your current code from Rules, Hooks, or earlier versions of Actions. However, you should be aware of the current limitations when migrating between legacy extensibility offerings and Actions.

For more information, see Migrate to Actions.

Rule specific differences

  • Re-use of functions between Actions is not currently supported, as each Action execution is autonomous. You must explicitly define the required functions for each Action.

  • Passing of variables between Actions is not supported. If you have Rules that depend on passing of state or variable data between one Rule to another, you can consolidate those Rules into a singular Action.

  • accessToken is currently limited to 100 scopes.

  • The event object in Actions does not currently provide an alternative for the following context attributes from within a Rule:

    • context.connectionOptions

    • context.sessionID

  • Actions only support the following properties within event.user.identities:

    • connection

    • provider

    • user_id

    • profileData

    • isSocial

  • Actions support a max secret length of 1024 bytes.

  • Standard claims of an idToken or accessToken cannot be deleted using an Action.

  • Actions can only return access denied error codes and does not support returning an unauthorized error code.

  • Actions only support modifying the primary user between linked accounts.

Hooks specific differences

  • You can not modify scopes in a machine-to-machine client credential flow as was possible with a Hook.