Accessing Identity Provider groups in actions

luke.mondy · January 17, 2022, 3:19am

Hello,

I believe I’m asking something very similar to this: Add user attributes to idToken but I will lay out my current issue.

We’re using AzureAD as a connection, and the Azure Identity Provider populates a field called groups.

Looking at the Raw JSON, I get something like this:

{
    "created_at": "2022-01-12T03:12:55.402Z",
    "email": "abc.xyz@lmno.com",
    "email_verified": true,
    "family_name": "xyz",
    "given_name": "abc",
    "groups": [
        "Conference Rooms",
        "Security",
        "app-google",
        "app-calendly",
...

But within an action, I can’t seem to do something like:

const validGroups = [ "Security" ]; 
for (const vg in validGroups) {
  if (event.user.groups.includes(vg)) {            // Is the user in a valid group?
    hasValidGroup = true;                          // Grant access if in valid group
  }
}

because the Actions interface tells me that event.user does not have an groups object.

The docs don’t seem to reflect how to access it either (Actions Triggers: post-login - Event Object), am I missing something here?

Thanks
Luke

luke.mondy · March 2, 2022, 11:53pm

Any ideas on this issue?

mtaron · September 13, 2022, 1:10am

I’m encountering the same issue. Here’s another request for the same feature: User object in actions is missing groups

It looks like groups and group_ids are still only available in Rules. The docs say:

Note: The event.user object will not include any top-level attributes added by an external identity provider.

Does that mean that groups and group_ids will never be coming to Actions and that we need to stick with Rules for this feature?

konrad.sopala · January 8, 2024, 12:56pm

Hey there!

As this topic is related to Actions and Rules & Hooks are being deprecated soon in favor of Actions, I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!

Learn more here!

Topic		Replies	Views
Checking Azure AD groups with actions Help azure-ad , roadmap , user-group , actions	2	3210	January 7, 2023
Add user attributes to idToken Help login , actions	8	4849	May 18, 2021
Rules, Hooks and Actions: Migration Common Questions Knowledge Articles	1	870	January 19, 2024
AzureAD fields in Auth0 Actions Help connections , azure-ad-enterprise-connection	3	1030	July 14, 2023
Access to user info (oid) during actions post login Help userinfo , azure-ad , user-profile , actions	2	2315	October 26, 2022

Accessing Identity Provider groups in actions

Related Topics