Add Authorization Core Role to User object

I try to use the Authorization Core Roles to manage Users but I cannot get the roles in the user token…

What I have done:

  1. create a role in the Auth0 Dashboard
  2. assign the role to a user
  3. created a rule to add the role information to the user object:
function (user, context, callback) {
  const namespace = 'http://demozero.net';
  const assignedRoles = (context.authorization || {}).roles;

  let idTokenClaims = context.idToken || {};
  let accessTokenClaims = context.accessToken || {};

  idTokenClaims[`${namespace}/roles`] = assignedRoles;
  accessTokenClaims[`${namespace}/roles`] = assignedRoles;

  context.idToken = idTokenClaims;
  context.accessToken = accessTokenClaims;

  callback(null, user, context);
}

I know there is a difference between the Authorization Core and the Authorization Extension but I can get neither to work.

Is there a way to simply add the role information created in the Auth0 Dashboard to the user object?

Hi @patrick12,

Welcome to the Community!

Here are a few things we can do to narrow down the problem:

  • Add a console.log to the rule to make sure it is running during a login
  • Hard code the assignedRoles variable with a value and see if your custom roles claims are being added to the token
  • Console.log the context.authorization object to confirm the roles are being populated correctly in the rule

Let me know if any of those things aren’t happening correctly and we can dive deeper.

Hi dan.woda,
thanks for the reply.

I tried to log the information but I do not get any console output on login.
I even changed the rule to a copy&paste rule from your documentation, with:

function (user, context, callback) {
  if (user.email === 'test@email.com') {
    context.idToken["http://cmpy/roles"] = ['admin', 'guest'];
  }else{
    context.idToken["http://cmpy/roles"] = ['guest'];
  }

  console.log(context.authorization);
  
  callback(null, user, context);
}

But still I do not find any logs or a change in the user object…

Thanks for your help

Can you please DM me the name of the tenant you are using for this?

To be clear, you are looking at the debugging console? Can you get any console.log to show up? i.e. console.log('hello world')
Screen Shot 2021-06-29 at 12.47.33 PM

You will not see anything in your devtools browser console. The code of your rule is running similar to a serverless function, it’s not running in your browser.

Can you try to log out of your Auth0 account and log back in to fix this error? After you do that, go to rules and try to open up the debug console again.

You should see a page that looks like this.

1 Like

I managed to get the debugging tool running. The problem was the extension was not installed…

I also got the roles to be logged and from there it was easy to process the information.

For any one with a similar problem this is the working solution for my case:

function (user, context, callback) {
  context.idToken['https://domainname/shinyproxy_roles'] = context.authorization.roles;
  console.log(context.authorization.roles);
  callback(null, user, context);
}

Great, thanks for posting a solution.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.