Assigning default role to a new user post registration or post login not working

rj891852 · July 19, 2023, 4:29pm

I have followed all the steps mentioned here: How can I use the Management API in Actions?. Still the newly created user (post login or post registration) doesn’t get the required role. Steps:

Deploy Flask server and React.js app from React with React Router 6 (JavaScript) + Flask (Python) Code Sample: Basic Role-Based Access Control (RBAC) for Hello World Full-Stack App. These work seamlessly without any issues.
Deploy M2M app for API management and create postUserRegistration Action as described here: How can I use the Management API in Actions?

/**
* Handler that will be called during the execution of a PostUserRegistration flow.
*
* @param {Event} event - Details about the context and user that has registered.
* @param {PostUserRegistrationAPI} api - Methods and utilities to help change the behavior after a signup.
*/
exports.onExecutePostUserRegistration = async (event, api) => {

  const ManagementClient = require('auth0').ManagementClient;

  const management = new ManagementClient({
      domain: event.secrets.domain,
      clientId: event.secrets.clientId,
      clientSecret: event.secrets.clientSecret,
  });

  const params =  { id : event.user.user_id};
  const data = { "roles" : ["rol_VLZgbsWK97BBneyJ"]};

  try {
    const res = await management.assignRolestoUser(params, data)
  } catch (e) {
    console.log(e)
    // Handle error
  } 
};

Perform a user signup from the React.js app created in step 1.
The user appears in the users section but no role assigned to it.

Please can you help with this POC so that I can start building the real app for my use case of evaluating this platform?

Attached are the logs that I could see and nothing points to an error. You can ignore the “failed sending notification” log because the results are the same when I use a real email address and verify the email.

rueben.tiow · July 19, 2023, 7:47pm

Hi @rj891852,

Welcome to the Auth0 Community!

I have just checked your tenant settings and do not see any Action scripts deployed. Checking further, I see that you just recently deleted your Action scripts.

I suspect that you might be using Node 18 in Actions, which is currently recommended. Have you made sure to include the auth0 module as a dependency?

And as a follow up, could you please test your code with the built-in debugger and let me know what kind of errors you see?

Thanks,
Rueben

rj891852 · July 19, 2023, 9:12pm

Hi @rueben.tiow,

I recreated everything as detailed in the various community videos. The result is same. The user is created but no role is assigned. Running the debugger yields nothing:

[]
Error:
{}
Stats:
{
  "total_request_duration_ms": 315,
  "total_runtime_execution_duration_ms": 312,
  "runtime_processing_duration_ms": 8,
  "action_duration_ms": 257,
  "runtime_external_call_duration_ms": 47,
  "boot_duration_ms": 55,
  "network_duration_ms": 3
}

Here’s the script I have used:

exports.onExecutePostLogin = async (event, api) => {
  if (event.stats.logins_count !== 1) {
    return;
  }

  const ManagementClient = require('auth0').ManagementClient;

  const management = new ManagementClient({
      domain: event.secrets.domain,
      clientId: event.secrets.clientId,
      clientSecret: event.secrets.clientSecret,
  });

  const params =  { id : event.user.user_id};
  const data = { "roles" : ["rol_VLZgbsWK97BBneyJ"]};

  try {
    const res = await management.assignRolestoUser(params, data)
  } catch (e) {
    console.log(e)
    // Handle error
  }
};

Dependency and runtime info:

auth0@latest that resolves to auth0@3.6.0
Login / Post Login, Runtime: Node 18 (Recommended)

This is the latest log from SuccessExchange event of M2M app:

{
  "date": "2023-07-19T21:08:14.703Z",
  "type": "seccft",
  "description": "Client Credentials for Access Token",
  "connection_id": "",
  "client_id": "DCfzQxd3pasBF9YcXE2X5KNdAgn19AnT",
  "client_name": "Actions Management API",
  "ip": "3.132.201.78",
  "user_agent": "Other 0.0.0 / Other 0.0.0",
  "hostname": "dev-ruwdfwbt.us.auth0.com",
  "user_id": "",
  "user_name": "",
  "audience": "https://dev-ruwdfwbt.us.auth0.com/api/v2/",
  "scope": "update:roles",
  "auth0_client": {
    "name": "node-auth0",
    "version": "3.6.0",
    "env": {
      "node": "18.16.0"
    }
  },
  "log_id": "90020230719210817156357000000000000001223372046946943227",
  "_id": "90020230719210817156357000000000000001223372046946943227",
  "isMobile": false,
  "id": "90020230719210817156357000000000000001223372046946943227"
}

rj891852 · July 20, 2023, 3:37am

I made it to work. This is surprising how so many users have raised the same concern and they have all been directed to some videos which are not updated in line with the updated versions. For people like me, who are evaluating the platform for larger use, this will be a factor in the adoption. This is a basic functionality that anyone would want to have, so why not document it properly!!!

rueben.tiow · July 20, 2023, 5:08pm

Hi @rj891852,

Thank you for your updates!

Firstly, I apologize for any inconvenience or difficulty you had when following our documentation to assign your user to a role using an Action.

However, I am glad that you were able to get it working! Would you mind sharing some details on what you did to get this working with the rest of the Community?

I see in your tenant now that you have used the code provided in the How can I use the Management API in Actions? FAQ, and chosen to use a Post-Login Aciton instead .

Just a friendly reminder that when testing the action script, please remember to sign up a new user each time. It seems that the tests you performed yesterday may have used the same user each time, which might explain the issue with role assignment. I also noticed an increase in the number of users in your tenant today, which might have contributed to your successful tests.

Thanks,
Rueben

system · August 3, 2023, 5:09pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.