Accessing Identity Provider groups in actions

luke.mondy · January 17, 2022, 3:19am

Hello,

I believe I’m asking something very similar to this: Add user attributes to idToken but I will lay out my current issue.

We’re using AzureAD as a connection, and the Azure Identity Provider populates a field called groups.

Looking at the Raw JSON, I get something like this:

{
    "created_at": "2022-01-12T03:12:55.402Z",
    "email": "abc.xyz@lmno.com",
    "email_verified": true,
    "family_name": "xyz",
    "given_name": "abc",
    "groups": [
        "Conference Rooms",
        "Security",
        "app-google",
        "app-calendly",
...

But within an action, I can’t seem to do something like:

const validGroups = [ "Security" ]; 
for (const vg in validGroups) {
  if (event.user.groups.includes(vg)) {            // Is the user in a valid group?
    hasValidGroup = true;                          // Grant access if in valid group
  }
}

because the Actions interface tells me that event.user does not have an groups object.

The docs don’t seem to reflect how to access it either (Actions Triggers: post-login - Event Object), am I missing something here?

Thanks
Luke

luke.mondy · March 2, 2022, 11:53pm

Any ideas on this issue?

mtaron · September 13, 2022, 1:10am

I’m encountering the same issue. Here’s another request for the same feature: User object in actions is missing groups

It looks like groups and group_ids are still only available in Rules. The docs say:

Note: The event.user object will not include any top-level attributes added by an external identity provider.

Does that mean that groups and group_ids will never be coming to Actions and that we need to stick with Rules for this feature?

dawid.matuszczyk · August 13, 2025, 12:36am

Hey team!

Since this topic touches Auth0 Actions, quick heads-up that we’re hosting an Ask Me Anything dedicated to Actions with Gaston Danilo Asis Sanchez, Senior Technical Product Manager. We’ll cover practical usage, new capabilities like Transaction Metadata and Actions Types, plus a peek at what’s next.

Submit questions now through Aug 26
Get detailed written answers live on Aug 27, 9–11 AM PT

Earn community points + a badge . If you’re exploring how Actions can streamline your auth flows, this is a great time to get direct guidance from the team.
Join the AMA & drop your questions here: August 27 Auth0 Community Ask Me Anything: Actions

Dawid

Topic		Replies	Views
Checking Azure AD groups with actions Get Help azure-ad , roadmap , user-group , actions	2	3276	January 7, 2023
Adding an Action to return Azure AD Groups for a user logging in Get Help extensibility , actions-extensibility	3	2194	April 6, 2023
AzureAD fields in Auth0 Actions Get Help connections , azure-ad-enterprise-connection	3	1056	July 14, 2023
Event.user.groups is not listing all the groups in auth0 actions Get Help configuration , application	2	163	September 20, 2024
Google workspace groups seemingly unavailable in `onExecutePostLogin` Get Help	6	3478	April 21, 2022

Accessing Identity Provider groups in actions

Related topics