Currently when a particular "sub" logs in with a JWT token the system will create a new user record with mapped JWT token data. This means when the JWT token data is dynamic like scope or other app_metadata, it will not be available in user.data
within stitch rules. Instead it will return the previously saved values. It would be better to show the current JWT values live into the user.data
area so different scopes can affect rules. In addition it would be better if it's possible to map sub directly to the user.id
and not store the user inside of stitch at all.