Hi @Skia,
Thanks for reaching out to the Auth0 Community!
After taking a look at your Action, I found that you are trying to both assign the user roles and set the roles as a custom claim simultaneously.
In this scenario, I recommend separating these tasks and using the management.roles.assignUsers
method instead.
So far, I have found that the management.users.assignRoles
and management.assignRolestoUser
methods do not work correctly. As a workaround, you can call management.roles.assignUsers
with a single user, even though it is normally meant for assigning many users at once.
Here is a revised version of your Action:
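/**
 * Assigns a role to a user on their first login and mirrors that role into
 * the ID and access tokens as a namespaced custom claim.
 *
 * Verified users whose email ends with "@arcadous.com" get the admin role;
 * every other verified user gets the default role. Unverified users get
 * neither a role nor a claim.
 *
 * The claim is written only after the Management API call has succeeded, so
 * a failed assignment never yields a token that asserts a role the user does
 * not hold.
 *
 * @param {object} event - Action event; reads stats.logins_count,
 *   authorization, user (user_id, email, email_verified) and secrets.
 * @param {object} api - Action API; uses idToken.setCustomClaim and
 *   accessToken.setCustomClaim.
 * @returns {Promise<void>}
 */
exports.onExecutePostUserRegistration = async (event, api) => {
  // NOTE(review): event.stats, event.authorization, api.idToken and
  // api.accessToken look like post-login trigger fields - confirm that this
  // handler name matches the trigger the Action is actually attached to.
  if (event.stats.logins_count !== 1) {
    return;
  }

  // Without an authorization context no token is being issued, and an
  // unverified email must never decide a role. Bail out before a privileged
  // Management API client is even created.
  if (!event.authorization || !event.user.email_verified) {
    return;
  }

  const namespace = "https://my-app.example.com";
  const ManagementClient = require("auth0").ManagementClient;
  const management = new ManagementClient({
    domain: event.secrets.domain,
    clientId: event.secrets.clientId,
    clientSecret: event.secrets.clientSecret,
    // NOTE(review): least privilege - assigning users to an existing role
    // presumably does not need create:roles; confirm against the Management
    // API docs and trim both this list and the application's grant.
    scope: "read:roles create:roles update:roles",
  });

  const defaultRole = { id: 'YOUR_DEFAULT_ROLE_ID_HERE' };
  const adminRole = { id: 'YOUR_ADMIN_ROLE_ID_HERE' };
  const data = { users: [event.user.user_id] };

  // The admin decision rests entirely on the verified email domain.
  // NOTE(review): how far email_verified can be trusted depends on which
  // connection set it - confirm for every connection enabled on the tenant.
  const isAdmin =
    Boolean(event.user.email) && event.user.email.endsWith("@arcadous.com");
  const role = isAdmin ? adminRole : defaultRole;

  // The claim value comes from secrets while the assigned role comes from
  // the hard-coded ID above; the two have to be kept in sync by hand.
  const claimValue = isAdmin
    ? event.secrets.adminRole
    : event.secrets.defaultRole;

  try {
    // Assign first: if this rejects, no claim is written below.
    await management.roles.assignUsers(role, data);
    api.idToken.setCustomClaim(`${namespace}/roles`, claimValue);
    api.accessToken.setCustomClaim(`${namespace}/roles`, claimValue);
  } catch (e) {
    // Best effort: the flow continues without a role or claim.
    // NOTE(review): the whole error object is logged - confirm it cannot
    // carry a token or client secret before relying on this in production.
    console.log(e);
  }
};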
Please let me know how this works for you.
Thank you.