Add Default Role to New User Sign-up

There seem to be a number of topics related to this, but no clear approach. If users can self-sign-up to an application, I would hope there is an ability to assign a default role to such users. I have read topics on assigning a role at the first log-on and using a hook (but limited to API rates), is there an easy approach to achieving this upon sign-up? If not, then please say so.

Hi @amckendrick,

There are different approaches here, and not necessarily one standard way. I will try and lay out what I know about the topic. These could be pros or cons depending on your needs.

Using a post registration hook to add the role:

  • Limited to database connections (will not be applied to social connections)
  • Does not require a login to assign the role
  • Role assigned when you create a new user via the management api/dashboard
  • Role assigned after a successful signup via the custom signup page ( /dbconnections/signup endpoint)
  • Role assigned after successful signup through the hosted login solutions
  • Limited by management API rate limits

Using a rule:

  • Requires a first login to assign the role (not assigned on creation via API, dashboard, signup endpoint)
  • Applies to all connections (db, social, etc.)
  • Limited by management API rate limits

If you have a use-case not covered here, our product team would like to get your feedback.

I hope that helps clarify things.

Thanks,
Dan

1 Like

As @ amckendrick said, this seems to be a very common scenario: adding a user to a default low-level role when they first sign-in. The broad response from @dan.woda only outlines the two scenarios (for social logins and non), it does not provide any details on how to make either of them work, or even provide links to documentation.

My scenario is this:
I use the Facebook, Instagram, and Google social auth providers. I have a default role in my Auth0 API named “Contributor” for any of my users that login via social. I have setup RBAC, roles, and scopes. I have wired up up my mobile app to support Auth0 login (which is working great), and I have set up my ASP.NET Core 3.1 API to recognize the scopes and roles. All I need to know is: how do I put a new user from social into my “Contributor” role? That’s it. I just want to see the javascript code for the rule that will perform that one action.

I understand that the conditions upon which an admin will want users to go into that role will vary, but it would be nice to see some solid reproducible code that demonstrates how to put a new user into a role. I imagine MANY Auth0 customers need this basic functionality in their user workflows.

6 Likes

@jsauve,

Here is the link you are looking for. Sorry for the lack of link in the original response, this question gets asked a lot and it must have slipped by me. This method uses rules, and should cover social and db users.

2 Likes

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.