
ADFS - Roles and Groups with Rules

adfs
rules
roles
groups

#1

Hello,
I am trying to get the roles and groups associated with my ADFS user. I have followed this question here: https://community.auth0.com/questions/4161/groups-and-roles-not-returned-in-sample-java-appli
but it does not seem to work still.

I wrote out the whole user object to the debugger but there are no roles inside of the user object. I also wrote out context but that does not contain any of the groups either.

Under the user area, after they sign in, they have Identity Provider Attributes and it has their groups inside of there. How do I get this transferred to the JWT Token?
I have tried doing this as an OIDC conformant application and then unchecking it to see if that matters. Is there anything that I am missing here?

Would be nice if this question could be answered? https://community.auth0.com/questions/5741/how-to-use-rules-to-add-user-roles-based-on-ad-gro

function (user, context, callback) {
  // TODO: implement your rule
  var namespace = 'https://app.subdomainname.com/';
  context.accessToken[namespace + 'roles'] = user.roles;
  context.accessToken[namespace + 'groups'] = user.groups;
  console.log(user.groups);
  console.log(user.roles);
  console.log(user.user_metadata);
  console.log(user.app_metadata);
  console.log(context);
  callback(null, user, context);
}

#2

I thought the user object inside of the rules was coming from the provider and should provide everything? Inside of the user section in Auth0 it has the groups filled in. Is this a problem with Auth0 not providing the correct information?


#3

The above code was correct, but there was another rule that was auto-generated that caused the issue.

This rule been automatically generated by auth0-authz-extension
Once I disabled this rule it worked fine.
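
The fix in this thread came down to a second rule in the pipeline. As an added example (not code from the thread, Auth0 or the extension), the local harness below runs rules in order against a constructed user and reports which rule changed `user.groups` or `user.roles`. `generatedRule` is a hypothetical stand-in with assumed behaviour, `traceRules`, `snapshot` and `sampleUser` are names introduced here, and the harness assumes each rule calls back synchronously.

```javascript
// Constructed sample profile: an ADFS user whose groups come from the IdP.
function sampleUser() {
  return { user_id: 'adfs|example', groups: ['Finance', 'VPN-Users'], roles: ['admin'] };
}

// Hypothetical stand-in for another rule in the pipeline that replaces the
// IdP-supplied values (assumed behaviour, not the extension's real code).
function generatedRule(user, context, callback) {
  user.groups = [];
  user.roles = [];
  callback(null, user, context);
}

// The rule from the question, named so the trace can report it.
function addClaimsRule(user, context, callback) {
  var namespace = 'https://app.subdomainname.com/';
  context.accessToken[namespace + 'roles'] = user.roles;
  context.accessToken[namespace + 'groups'] = user.groups;
  callback(null, user, context);
}

// Snapshot the watched user fields so two states can be compared.
function snapshot(user, watched) {
  return JSON.stringify(watched.map(function (key) { return user[key]; }));
}

// Run the rules in order and list every rule that changed a watched field.
// Assumes each rule invokes its callback synchronously.
function traceRules(rules, user, watched) {
  var context = { accessToken: {}, idToken: {} };
  var changedBy = [];
  rules.forEach(function (rule) {
    var before = snapshot(user, watched);
    var done = false;
    rule(user, context, function (err, nextUser, nextContext) {
      if (err) { throw err; }
      user = nextUser;
      context = nextContext;
      done = true;
    });
    if (!done) { throw new Error(rule.name + ' did not call back'); }
    if (snapshot(user, watched) !== before) { changedBy.push(rule.name); }
  });
  return { changedBy: changedBy, accessToken: context.accessToken };
}

var result = traceRules([generatedRule, addClaimsRule], sampleUser(), ['groups', 'roles']);
console.log('rules that changed groups/roles:', result.changedBy);
console.log('access token claims:', result.accessToken);
```

Swapping the stand-in for a copy of each real rule body, one at a time, shows which one alters the values before the claims are written.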

