The linked thread shows a proper way to assign a role using the request
package. Just wanted to point out that in Rules there is also the Node-SDK and thus ManagementClient
object available (though requires to use the higher version than the default) which already has a wrapper method for assigning roles, so that could be used alternatively:
function (user, context, callback) {
var count = context.stats && context.stats.loginsCount ? context.stats.loginsCount : 0;
if (count > 1) {
return callback(null, user, context);
}
var ManagementClient = require('auth0@2.17.0').ManagementClient;
var management = new ManagementClient({
token: auth0.accessToken,
domain: auth0.domain
});
management.assignRolestoUser(
{ id : user.user_id},
{ "roles" :["rol_Y4j6ngQoZpQ3fGmu"]}, // sample role ID of "Standard API Enduser"
function (err) {
if (err) {
console.log('Error assigning role: ' + err);
}
callback(null, user, context);
});
}
In regards to use case: I came across similar request from a customer (for whom I had provided the above script) before where a newly registered user should automatically have a specific role, such as Standard API Enduser
assigned in order to get proper role and especially permissions based on this role assigned in order to call a protected API (=> permitted scopes in access token). If using RBAC Core and permissions assigned to roles, these would otherwise not be returned in the user’s access token at first login.