clientContext provides expired admin token in functions

So whenever I call a netlify function, 80% of the time the admin token present from identity through clientContext is expired. This expired token doesn’t allow usage of the gotrue api to edit user app_metadata.

There doesn’t seem to be any documentation of refreshing a admin token or this issue, so here is my code inside my netlify lamdba function:

    const {identity} = context.clientContext;
    const urlPut = identity.url+'/admin/users/'+netlifyId;
    const adminAuthHeader = 'Bearer ' + identity.token;
    fetch((urlPut), {
          method: "PUT",
          headers: { "Authorization": adminAuthHeader,
          "Accept": "application/json",

          body: JSON.stringify({ app_metadata: { roles: ["pro"] } })

It makes no sense that a lambda function is being provided an expired admin token. This token is expired from anywhere between 10s to 8 minutes. This is not a long running serverless function, and has never gone beyond 3s.

So further testing indicates that the token gets invalidated way before the request to the function is even made. I believe that this is an issue on the netlify serverside.

Hey @skllpr,
Could you please share the expired token error you’re seeing? Is it just a 401 HTTP code or something else? Sounds like we may need to file an issue on or, so having the details will be super helpful. Thanks!

Hm. Going to follow this thread as well; I know it’s 10 days back but if you still have issues @skllpr do post back. The admin tokens generated within the Function context have a TTL of one minute so they should be alive longer than any Function runtime could go. Would be curious to see some console output if you’ve got it :+1:t2:


Hi, thanks for the feedback. I have no clue why, but my function is up and running. Some changes that may have had an effect (no clue why though) is that I changed the token from a const to a let variable. I don’t think this should have any effect, but the function is now working properly.

1 Like