Hi,
I followed the set roles template and adjusted it a bit to add authorization under app_metadata:
function (user, context, callback) {
user.app_metadata = user.app_metadata || {};
// You can add a Role based on what you want
// In this case I check domain
var addRolesToUser = function(user, cb) {
if (user.email.includes('@mydomain.com')) {
cb(null, 'admin']);
} else {
cb(null, 'user']);
}
};
addRolesToUser(user, function(err, roles) {
if (err) {
callback(err);
} else {
user.app_metadata.roles = roles;
user.app_metadata.authorization = {};
user.app_metadata.authorization.roles = roles;
auth0.users.updateAppMetadata(user.user_id, user.app_metadata)
.then(function(){
callback(null, user, context);
})
.catch(function(err){
callback(err);
});
}
});
}
The goal is to authorize users with my company’s domain as admins. In .NET, User.IsInRole(“admin”) only seems to work if I install the authorization extension and manually add a user to the role. Is there something I can do differently to enable rule-based authorization?