Assigning roles (from Authorization Extension) to a new user via Management API

anay-kava · October 30, 2019, 2:02am

Hi Guys,

I’m new here, so apologies in advance if this is a stupid question. I’ve tried many many things, but can’t seem to be able to get this to work.

Simple Scenario-
I followed the instruction from Auth0 Quickstart pages, and have developed a simple SPA+Server API application.
I have also created the Roles and Permission using the Authorization Extension, and have set up ‘Rules’ to add the roles+permission to the access-token when user logs in.

When trying to create a new user programmatically, I use the NodeJS SDK, and call ManagementClient.createUser() function, which successfully creates the user.

The problem -
When I try to programmatically assign the Role (defined in Authorization extension) to the newly created user, I am unable to access any Roles from the Auth Extension. For example, ManagementClient.getRoles() simply returns an empty array (most likely because all roles are defined in the Authorization Extension, and not in Auth0’s Core.
Even if I manually try to assign the Role (from Auth Ext_) to the newly created user using hardcoded Role_ID, it throws error because the ManagementClient cannot find that role.

How do I make this work? How do I use the Management API to assign role to a user, when the roles are actually defined in the Authorization Extension?

Thanks in advance for all your help.

dan.woda · October 30, 2019, 4:32pm

Hi @anay-kava,

There are two different role based access control (RBAC) features at Auth0.

The authorization extension, which can be controlled by the authorization extension API, is the original RBAC implementation and will eventually be deprecated and replaced by the authorization core feature. The core can be managed via the endpoints you are referring to, and is different from and separate to the extension.

You can use either feature at this time, but I would recommend using the core feature as it will eventually fully replace the extension.

Hope this helps!

Thanks,
Dan

anay-kava · November 5, 2019, 6:10am

Thanks so much Dan, I appreciate your fast reply. I think the Auth0 documentation (SPA + Server) guided me towards using the Extension, so that’s where my roles and permissions ended up. I’ll try to pull all of those in to the auth-core (i.e. through Auth0 Dashboard), and will see how it goes.

Thank you once again!

Regards,
Anay

dan.woda · November 7, 2019, 10:54pm

@anay-kava,

I have contacted the docs team and they are already working on moving the documentation over to the new authorization core. Thanks for understanding!

Best,
Dan

dan.woda · November 22, 2019, 10:54pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Assigning default role(s) to new users Help auth0 , roles	10	16969	July 19, 2019
Assigning management API permissions to role Help roles	3	2517	January 8, 2022
Add role to user via node-auth0 / Management API in Rule Help rules , management-api	9	8287	May 25, 2019
Assign a default role when using Authorization extension Help extensions , auth0-authorization	1	1298	December 31, 2022
Help to set up authentication and authorization for SPA Help auth0	2	4391	March 10, 2020

Assigning roles (from Authorization Extension) to a new user via Management API

Related Topics