Add user email and roles in access token only for a specific app

Hello everyone :wave:
My company has an Auth0 organization with multiple applications in it.
I would like to add user email and roles in the access token but only for a specific app. I added these fields with Auth0 Actions but it impacts all applications of the organization.
How can I do that?
Thanks a lot for your help.

There is no solution for this common use case? :grimacing:

Hey there @kevin.lescouarnec welcome to the community!

You should be able to do this by adding some logic to an action to check for the application (client_id) and add the roles to the access token accordingly. It might look something like this:

```js
exports.onExecutePostLogin = async (event, api) => {
  // Replace YOUR_CLIENT_ID with the actual Client ID of your specific application
  const targetClientId = 'YOUR_CLIENT_ID';

  // The Actions event object exposes the application's ID as client_id
  if (event.client.client_id !== targetClientId) {
    // Not the target client, so we don't modify the token
    return;
  }

  // event.authorization can be undefined, so fall back to an empty list
  const assignedRoles = event.authorization?.roles ?? [];

  api.accessToken.setCustomClaim('http://namespace/roles', assignedRoles);
};
```
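
An added example, not part of the reply above and not Auth0's own code: the same client check extended to the email claim the question also asked for, with a small mock of the `api` object so the gating can be checked locally. `TARGET_CLIENT_IDS`, `NAMESPACE`, `addAppScopedClaims`, `makeMockApi` and `simulate` are hypothetical names, and the sample event is constructed.

```javascript
// Added example. TARGET_CLIENT_IDS and NAMESPACE are placeholders (assumptions).
const TARGET_CLIENT_IDS = new Set(['YOUR_CLIENT_ID']);
const NAMESPACE = 'https://example.com/claims';

// Returns true when claims were added, false when the token was left untouched.
function addAppScopedClaims(event, api, allowed = TARGET_CLIENT_IDS) {
  const clientId = event.client && event.client.client_id;
  // Fail closed: a missing or unlisted client gets no extra claims.
  if (!clientId || !allowed.has(clientId)) return false;

  // event.authorization may be undefined, so default to an empty role list.
  const roles = (event.authorization && event.authorization.roles) || [];
  api.accessToken.setCustomClaim(`${NAMESPACE}/roles`, roles);

  // Only emit the email claim when the profile actually carries one.
  if (event.user && event.user.email) {
    api.accessToken.setCustomClaim(`${NAMESPACE}/email`, event.user.email);
  }
  return true;
}

// Action entry point; the export is guarded so the file also loads as a module.
const onExecutePostLogin = async (event, api) => { addAppScopedClaims(event, api); };
if (typeof exports !== 'undefined') exports.onExecutePostLogin = onExecutePostLogin;

// Minimal stand-in for the Actions `api` object, for local checks only.
function makeMockApi() {
  const claims = {};
  return { claims, accessToken: { setCustomClaim: (k, v) => { claims[k] = v; } } };
}

// Runs the gate against a constructed login event for the given client ID.
function simulate(clientId) {
  const api = makeMockApi();
  const event = {
    client: { client_id: clientId },
    user: { email: 'user@example.com' },
    authorization: { roles: ['admin'] },
  };
  return { applied: addAppScopedClaims(event, api), claims: api.claims };
}
```

Calling `simulate('YOUR_CLIENT_ID')` returns both claims, while any other client ID returns an empty claim set, which confirms that tokens for the other applications stay unchanged.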
