ar4891
April 21, 2022, 10:35pm
1
I use React + Auth0 + NextJS for server rendering. Currently I do
export const getServerSideProps = withPageAuthRequired({
getServerSideProps: async (context: GetServerSidePropsContext) => {
return {} ;// Return needed server side props
},
});
As you may already know withPageAuthRequired just checks for authentication not authorization such as, does user have specific roles or not.
How can I check for authorization of a specific user, if user has specific roles or not?
tyf
April 22, 2022, 12:44am
5
Hi there @ar4891 welcome to the community!
While I’m not super familiar with NextJS, typically roles are added to an Access Token and are utilized that way - The following resources may be of help:
# Examples
- [Create your own instance of the SDK](#create-your-own-instance-of-the-sdk)
- [Customize handlers behavior](#customize-handlers-behavior)
- [Use custom auth urls](#use-custom-auth-urls)
- [Protecting a Server-Side Rendered (SSR) Page](#protecting-a-server-side-rendered-ssr-page)
- [Protecting a Client-Side Rendered (CSR) Page](#protecting-a-client-side-rendered-csr-page)
- [Protect an API Route](#protect-an-api-route)
- [Protecting pages with Middleware](#protecting-pages-with-middleware)
- [Access an External API from an API Route](#access-an-external-api-from-an-api-route)
- [Add a signup handler](#add-a-signup-handler)
- [Use with Base Path and Internationalized Routing](#use-with-base-path-and-internationalized-routing)
- [Use a custom session store](#use-a-custom-session-store)
- [Back-Channel Logout](#back-channel-logout)
See also the [example app](./example-app).
### Create your own instance of the SDK
When you use the named exports, the SDK creates an instance of the SDK for you and configures it with the provided environment variables.
This file has been truncated. show original
Regarding adding the roles as a custom claim to an Access Token, please see:
Hi @kl.auth
Welcome to Auth0 Community !!!
Don’t use Management API call for this. You can add a custom roles claim in a post-login action like this:
/**
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
const namespace = 'https://my-app.example.com';
if (event.authorization) {
api…
Hope this helps!
1 Like