Session Metadata

Session metadata allows the storage of customizable keys and values (maximum 255 characters each) in an Auth0 user session.

Use cases for session metadata include:

  • Track device information, such as device name or login location

  • Store session-level flags, for example, user_accepted_terms

  • Share state between multiple Actions in the same flow

  • Drive conditional logic for logout or token issuance

You can use session metadata information in downstream systems, such as audit, analytics, and revocation pipelines, that may need to be aware of a user’s organization data.

To learn more, read Use case: Organization Information in Session Metadata.

You can access and modify session metadata during a session’s lifecycle using Auth0 Actions and the Management API. In addition, you can include session metadata in the OpenID Connect Back-Channel Logout token.

To learn more, read how to Configure Session Metadata.

Limitations

  • Session metadata is available only when created in a browser-based session

  • Auth0 does not support session metadata with the following:

    • Resource Owner Password Flow

    • Native Passkeys

    • Native Social Logins such as Sign in with Apple, Google, or Facebook