Adding role to new user with email domain IF email is verified

Hi @daniel.j,

Thanks for your response.

Firstly, a Database or Social Connection will work with a Post-Login Action. Moreover, the examples shown in this link and my previous post are a Post Login Action. I am not seeing where a Post-User Reg is involved.

In this situation, you will need to toggle off the feature that Adds permissions in the Access Token and create a Post-Login Action to add the user’s permissions and roles to the token. This will avoid doubly adding the permissions and roles if you previously had the Adds permissions in the Access Token toggle enabled. See below for clarity:

You will not be able to populate the permissions array in the access token unless the user was previously assigned permissions before granting the access token, or you will need to configure silent authentication to request a new access token with the newly populated permissions.

I would recommend the former, where you add the permissions/scopes as a custom claim to the access tokens before granting the access token.

Please let me know how this goes for you. If you need further assistance on getting the Action working, please feel free to reach out.

Thank you.
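A sketch of the Post-Login Action described in the post above, as an added example that is not part of the original post or Auth0's own code: it writes roles and permissions as custom claims on the access token only when the email is verified and its domain matches exactly. The domain `example.com`, the claim namespace, and the role and permission names are assumptions.

```javascript
// Constructed mapping (assumption): verified email domain -> grants to place in the token.
const DOMAIN_GRANTS = {
  "example.com": { roles: ["staff"], permissions: ["read:reports"] },
};
const NAMESPACE = "https://example.com"; // assumed namespace for the custom claims

// Pure helper: returns the grants for a user, or null when nothing applies.
function grantsForUser(user) {
  // The domain of an unverified address proves nothing about the user.
  if (!user || user.email_verified !== true || typeof user.email !== "string") return null;
  const at = user.email.lastIndexOf("@");
  if (at < 1) return null;
  // Exact, case-insensitive match on the whole domain, so that
  // "example.com.attacker.test" and "notexample.com" do not match.
  const domain = user.email.slice(at + 1).toLowerCase();
  // Own-property check keeps inherited keys such as "constructor" from matching.
  return Object.prototype.hasOwnProperty.call(DOMAIN_GRANTS, domain)
    ? DOMAIN_GRANTS[domain]
    : null;
}

// Post-Login Action entry point; Auth0 calls it with (event, api).
async function onExecutePostLogin(event, api) {
  const grants = grantsForUser(event.user);
  if (!grants) return; // leave the token untouched

  // Merge with roles already assigned to the user, without duplicates.
  const assigned = (event.authorization && event.authorization.roles) || [];
  const roles = [...new Set([...assigned, ...grants.roles])];

  api.accessToken.setCustomClaim(`${NAMESPACE}/roles`, roles);
  api.accessToken.setCustomClaim(`${NAMESPACE}/permissions`, grants.permissions);
}

// Actions load the handler from exports; guarded so the file also runs stand-alone.
if (typeof exports !== "undefined") exports.onExecutePostLogin = onExecutePostLogin;
```

The claims only appear in tokens issued after the Action runs, which is why the post points to silent authentication for refreshing an existing session.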