clientContext provides expired admin token in functions

So whenever I call a netlify function, 80% of the time the admin token present from identity through clientContext is expired. This expired token doesn’t allow usage of the gotrue api to edit user app_metadata.

There doesn’t seem to be any documentation of refreshing a admin token or this issue, so here is my code inside my netlify lamdba function:

    const {identity} = context.clientContext;
    const urlPut = identity.url+'/admin/users/'+netlifyId;
    const adminAuthHeader = 'Bearer ' + identity.token;
    fetch((urlPut), {
          method: "PUT",
          headers: { "Authorization": adminAuthHeader,
          "Accept": "application/json",

          body: JSON.stringify({ app_metadata: { roles: ["pro"] } })

It makes no sense that a lambda function is being provided an expired admin token. This token is expired from anywhere between 10s to 8 minutes. This is not a long running serverless function, and has never gone beyond 3s.

So further testing indicates that the token gets invalidated way before the request to the function is even made. I believe that this is an issue on the netlify serverside.

Hey @skllpr,
Could you please share the expired token error you’re seeing? Is it just a 401 HTTP code or something else? Sounds like we may need to file an issue on GitHub - netlify/gotrue-js: JavaScript client library for GoTrue or GitHub - netlify/gotrue: An SWT based API for managing users and issuing SWT tokens, so having the details will be super helpful. Thanks!

Hm. Going to follow this thread as well; I know it’s 10 days back but if you still have issues @skllpr do post back. The admin tokens generated within the Function context have a TTL of one minute so they should be alive longer than any Function runtime could go. Would be curious to see some console output if you’ve got it :+1:t2:


Hi, thanks for the feedback. I have no clue why, but my function is up and running. Some changes that may have had an effect (no clue why though) is that I changed the token from a const to a let variable. I don’t think this should have any effect, but the function is now working properly.

1 Like