Event Listener Provider synchronous execution?


I would like to enrich the user profile with certain attributes before the information go to the client (via ID token, access token, or /userinfo). I implemented an even listener provider for the LOGIN event that achieves exactly that.

During some testing a colleague of mine noticed that there are circumstances where they do not get the updated token, but an old one. But on my end I can see that the changes were performed on the user profile. When they ask for the token again they receive an updated version.

That leads me to believe that the event listener provider is executed asynchronously and whether it works here is a matter of chance. Is that assumption correct? Can I make it synchronous/blocking, or is there another, better suited SPI?

EventListenerProvider implementations are executed as part of the same request transaction, so “synchronously”.

1 Like

Thank you for clarifying, I appreciate it! That drastically narrows down the issue for me.