Trying to understand how I can take roles or permissions in my Auth0 tenant and have them added to a token (Test or otherwise) and use that data to fulfill Policy Requirements as indicated in my .NET Core 3.1 WebApi code.
Thanks
Hi @imjason,
Welcome to the Community!
I would recommend starting here:
And look at this rule for how to add roles to the token:
let me know if you have further questions,
Dan
Dan,
Thanks for your response, it was good to review and double check that I had hit all of the points of interest. Currently, I have permissions defined for a registered API, I have a role defined that includes that permission and a user assigned to that role.
My issue is, when I visit the API in the portal and go to Test the token I get back (Bearer) does not contain permission information despite RBAC being enabled. I had thought I needed to add a rule but that seems to be true if I want the role to come down - which I do, eventually.
I am wondering if, maybe, I am seeing no permissions because I am getting my token from Test in the portal rather than logging in with an application.
Thoughts?
Tried my login with the SPA sample. Something is wrong. I do not get any claim or permission information from anywhere in the token. I have RBAC enabled and have indicated I want permissions added to the token. Why are they not there?
The test application will get you a machine to machine token. There wouldn’t be a user in that scenario that would have roles.
Can you send me a DM with a HAR of the auth transaction from your SPA. Make sure you are logging in as a user that has the roles assigned.
Thanks,
Dan
I spoke with someone over Twitter and we did a screen share and they helped me through my misunderstanding
Glad it was resolved! Please post a solution if you have the time.
Thanks for letting us know,
Dan
Thanks for following up!