Have you had any luck sorting this out? Are you using a Post Login Action or something else? Your code looks OK to me so but I’d need to test this myself.
I haven’t really looked for other solutions - it’s working as described above so we’ve moved onto other issues. To be honest I’m not sure how we’d diagnose the action any further. Yes, it’s a Post Login action.
Thanks for responding, and good to know it’s working in the context of a rule!
I suppose I’d need to see the structure of the app_metadata, but that being said it seems like there could be a compatibility issue regarding legacy (authorization extension/rules) vs current (authorization core/actions). You can read more about Authorization Core vs. Authorization extension as well as the best practice to add roles to tokens using an Action:
I read both linked articles - the Faq article is mainly relevant in that it shows setting of the access token value? Which i take it works theoretically - just not for us inside our action.
The Auth Core vs. Auth Extension - to be honest i’m not sure what the relevance is - is this an RBAC scenario?
I guess i’m still trying to understand why pretty much 1 line of code works in the rule, and not in the action - it feels like i’ve done something dumb, but i’m not sure what…