Hasura docs show how to integrate Auth0 JWT with it’s graphql api.
But they are using Rules to add the claims.
It looks like Auth0 is recommending Actions now.
I tried to make add the claims using actions but it is not working, I don’t see the custom claims in the token:
exports.onExecuteCredentialsExchange = async (event, api) => {
const namespace = "https://hasura.io/jwt/claims";
const {user} = event
api.accessToken[namespace] =
{
'x-hasura-default-role': 'user',
// do some custom logic to decide allowed roles
'x-hasura-allowed-roles': ['user'],
'x-hasura-user-id': user.user_id
};
};
I’ve attached this to the Machine to Machine flow.
What am I missing?
Hi @ulisses,
Welcome to the Auth0 Community!
I understand that you are looking to add Hasura claims with Actions.
First, I’d like to emphasize that Rules are triggered after a user authenticates to your application.
In other words, this would be equivalent to a Post-Login Action. In the Hasura documentation, they are adding custom claims to the accessToken like this example.
To accomplish this with Actions, you’ll need to use a Post-Login Action script to add the Hasura claims to tokens and pass the event.user.user_id as the user’s ID.
For example:
exports.onExecutePostLogin = async (event, api) => {
const namespace = "https://hasura.io/jwt/claims";
api.accessToken.setCustomClaim(namespace,
{
'x-hasura-default-role': 'user',
// do some custom logic to decide allowed roles
'x-hasura-allowed-roles': ['user'],
'x-hasura-user-id': event.user.user_id
});
};
You may also find these resources useful:
https://auth0.com/docs/actions/triggers/post-login/event-object
https://auth0.com/docs/actions/triggers/post-login/api-object
Please let me know how this works for you.
Thank you.