I am currently developing a project the used @okta/oidc-middleware aka Express OIDC for node.js for authentication. In this project, I retrieve a custom attribute for the user via the id token.
The main issue is that the user has an option to update the attribute value but I am unsure how to retrieve the new value.
One option is to force a local/app logout and log them back in however I don’t want the user’s ‘session’ to be interrupted if possible.
I know it is possible to overwrite the value that is store for the session which is another possible value however keeping control via okta side would also be preferable (in case they selected an option that is rejected by a webhook as example).
The best option I can think of is to retrieve the new value via API and store it in the new session.
My main question is what would be the best way to go about it? As far as I know, there is no option to ‘refresh’ the session as I can see on the github page.