auth0-authorization-extension rule only provides groups, not roles or permissions

Mark06 · February 16, 2018, 3:41pm

Hi, I’ve started using the authorization extension recently. I’ve added a test group, role and permissions, and assigned the role to my user, both via the group and directly.

I have also enabled the rule to publish the auth data to the token. The problem is, every time I log in, I only see the groups data in the outgoing token.

I added a console.log in the auth0-authorization-extension rule:

 getPolicy(user, context, function(err, res, data) {
     ... error handling code removed ...
    console.log(data);
    // Update the user object.
    user.groups = data.groups;
    user.roles = data.roles;
    user.permissions = data.permissions;

And observe the following data in the Real-time Webtask Logs:

  "groups": 
    "acmecorp"
  ],
  "roles": ],
  "permissions": ],

Any ideas what’s going wrong?

Mark06 · February 16, 2018, 3:56pm

This is a native client type

Mark06 · February 16, 2018, 4:47pm

Ok, it seems roles and permissions are linked to specific clients, so when I was using the TRY ALL RULES WITH... button on the Rules page on the console, it wasn’t using the same client that I use from my application.

In my opinion this should be made much clearer in the authorization extension documentation, as it seems to have bitten a few people already.

Also, it’s quite unclear how you would create rules for a specific client if you have multiple clients… presumably importing and exporting the json document?

konrad.sopala · August 27, 2019, 10:34am

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?