Add roles to access token

giovannilaperna · January 15, 2022, 6:00pm

This has been a recurring topic, however none of the proposed solution worked for me.

I created a role
I assigned the role to my user.
I created a custom rule as suggested here:

function addEmailToAccessToken(user, context, callback) {
  // This rule adds the authenticated user's roles to the access token.

  var namespace = 'https://my-url.us.auth0.com/';

  context.accessToken[namespace + 'roles'] = user.app_metadata.roles;
  return callback(null, user, context);
}

However user.app_metadata is undefined
Which should be the correct namespace?

giovannilaperna · January 16, 2022, 5:09am

Thanks to this topic I found the solution:

function (user, context, callback) {
    // This rule adds the authenticated user's roles to the access token.

  var namespace = 'https://my-domain.com/';
  context.accessToken[namespace + 'roles'] = context.authorization.roles;
  callback(null, user, context);
}

dan.woda · January 18, 2022, 2:21pm

Thanks for posting an update @giovannilaperna!

system · February 2, 2022, 2:22pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Add role to a user Help jwt , auth0 , login	4	6189	September 3, 2019
How to add user meta data and app meta data in access token? Help auth0 , api , rules	2	6761	March 28, 2022
Add Authorization Core Role to User object Help roles	8	3653	July 15, 2021
Custom rule to add user.app_metadata to accessToken does not trigger Help jwt , auth0 , rules	5	7727	January 8, 2024
Is it correct to use rules to add roles to access tokens issued to our own API? Help rules , access-token , webapi , openidconnect	4	8158	March 2, 2018

Add roles to access token

Related Topics