Use Cases: Configure an update policy form using Forms

Before you start

Create a Machine-to-Machine Application with the following scopes enabled:

read:users
update:users
create:users
read:users_app_metadata
update:users_app_metadata
create:users_app_metadata

Forms for Actions is currently in Early Access. To learn more about Auth0 release stages, review Product Release Stages.

Forms for Actions allows you to create custom privacy policies flows and store the consent under the app_metadata object.

Dashboard > Actions > Forms > Privacy policy use case

The sections below outline how you can create an Update Policy form using nodes and flows, along with steps for adding your form to a Post Login Action.

Create a form from scratch

To create a new information gathering form, follow these steps:

Navigate to Auth0 Dashboard > Actions > Forms.
Select Actions > Forms to open the Form editor in a new tab.
Select Create form > Start from scratch.

By default, a new form contains a Start node, a Step node, and an Ending screen node.

Configure the Step node

The Step node is the graphical interface visible to users. Add Fields to the Step node to collect the new agreement acceptance value by following these steps:

Drag a Rich text field from the Components menu into the Step node.
- Rich text: Enter a description of your privacy policies updates.
Drag a Legal field into the Step node.
- ID: Enter privacy_policies.
- Required: Enable the checkbox.
- Legal: Enter I agree to the Privacy Policy.
Select Publish to save.

Dashboard > Actions > Forms > Use case privacy policy step node

Add an Update app_metadata flow

Add a Flow node after the Step node to update the app_metadata and resume the authentication flow by following these steps:

Select Flow from the bottom of the Form editor.
Remove the existing link between the Step and Ending Screen nodes.
Select the new Flow > Click to add a flow > Create a new flow.
- Enter Update app_metadata in the Name field.
- Select Create.
Link the Flow node to the Step and Ending Screen nodes as pictured below.
Select Publish to save.

Select the Flow Update app_metadata > Edit flow to open the Flow editor in a new tab.
Below the Start Action, select the + icon to add an Auth0 Update user Action. Complete the fields below, then select Save to continue.
- Connection: Select the + icon to add a connection to the Machine to Machine Application.
- User ID: Enter {{context.user.user_id}}.
- Body: Copy and paste the following code
  { "app_metadata": { "privacy_policies": true, "privacy_policies_timestamp": "{{ functions.toTimestamp() }}" } }
  Was this helpful?
  /
Select Publish to save.

Dashboard > Actions > Forms > User case privacy policy code

The flow Update app_metadata adds a privacy_policies true value to the app_metadata object and also generates a timestamp with a helper function.

Retrive your form embed code

Retrieve your form embed code to visually render the form with a custom Post Login Action by following these steps:

From the Form editor, select Embed.
Select Copy.

Dashboard > Actions > Forms > Form > Embed

Create a custom Post Login Action to render your form by following these steps:

Navigate to Auth0 Dashboard > Actions > Flows > Login.
Select Custom.
Select the + icon to Build from scratch:
- Name: Enter Render Update Policy Form.
- Trigger: Select Login / Post Login.
- Runtime: Select the recommended version.
Select Create.

To configure the custom Action:

Delete the existing code from the Code editor.
Paste the form embed code into the Code editor.
Edit the code to define the conditional logic that will render the form.
```
/**
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
  const FORM_ID = 'REPLACE_WITH_YOUR_FORM_ID';

  if (event.user.app_metadata.privacy_policies !== true) {
    api.prompt.render(FORM_ID);
  }
}

exports.onContinuePostLogin = async (event, api) => { }
```
Was this helpful?
/
The example code above will render the form when a user is missing the app metadata privacy_policies property.
Select Deploy.
Drag and Drop the Render Update Policy Form Action to the Login flow.
Select Apply.

Test implementation

Test the implementation by following these steps:

Log in with an existing user whose user_metadata attribute privacy_policies does not have a value.
The custom Post Login Action in the Login flow will render the form and prompt for acceptance.
Select Auth0 Dashboard > User Management > Users, locate the user and verify that the app_metadata attribute privacy_policies contains a true value and a timestamp.

Customize