We have a case where we want to use a BankID Criipto login to populate User and Person object with more attributes than the User object can hold. Say socialno or birthdate.
We assume that the bult in custom login is limited to the 4 main user attributes, and as such will not work.
Another option considered is to store the token as a secret on successful login, and then use that to request the information again to map to the Person object. But this also seems to run into the same problem of availability of the secret in App actions.
Last we consider a custom login, but then again we seem to be unable to “connect” the successful login with the secret to then decode/request the personal data again.
Is there a solution to this and if so what have we missed?
What you really need here is Custom properties on the built-in User object. This is something that will be implemented pretty soon. With those properties, you would be able to just map them using custom scopes in the login setup.
However, currently you could probably do one of the following:
a) Map these values returned in the login to secrets, and map the secret to properties of the Person object (using a Service)
OR
b) After login, do another API call (e.g. from your App or a Service) to an API that gives the SocialSecNo for that person, and map the result to the Person object
Thanks for the workarounds! In addition I missed the secret functionality of 1 per user which is explained here
Maybe it could be beneficial with a heads up on this in the docs as well, for instant in context with Oauth2 code flow? Something like this I think would help people that is unfamiliar with athentication flow