Auth0 v9 get user roles and permissions

I am trying to get the permissions and roles associated with a specific user and for some reason Auth0 does not include those in the token. Could anyone help with what I may be doing wrong?
here is how I instantiate auth0; PS: I am using Auth0.js v9 Reference

const webAuth = new auth0.WebAuth({
  domain: process.env.REACT_APP_AUTH0_DOMAIN || '',
  clientID: process.env.REACT_APP_AUTH0_CLIENT_ID || '',
  responseType: 'token id_token',
  scope: 'openid profile email roles',
  audience: 'ternwheel',
  redirectUri: window.location.origin,
})

Here is how I call the auth with password and an email

    webAuth.login(
      {
        realm: 'Username-Password-Authentication',
        responseType: 'token id_token',
        redirectUri: window.location.origin,
        email,
        password,
      },
      e => console.log(e)
    )

finally auth0 sends me this token that does not include the permissions or roles
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ik8wY0oyY05FRTJvQW43aTYtVG5nUiJ9.eyJpc3MiOiJodHRwczovL2Rldi15YjQ3MWR1c2JvdmsyMXV1LnVzLmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHw2NDJhOTViYWNmZjY2ZmRjZGM4OTczYzYiLCJhdWQiOlsidGVybndoZWVsIiwiaHR0cHM6Ly9kZXYteWI0NzFkdXNib3ZrMjF1dS51cy5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNjgwNjkyOTk2LCJleHAiOjE2ODA3MDAxOTYsImF6cCI6Im5xZWVZd1AyQ0ZUR1lyNnMzMnJkRlNKcG1QZ3ZOaEQ1Iiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsInBlcm1pc3Npb25zIjpbInVzZXI6bWFuYWdlciJdfQ.2xcr90GoYynvoWWOL-ur2ELiWY9Fwjy_bZFnlFwAMjtl3LhE9nFYYwbR3709o1E4SzxzMxSz3pWJ92_PuaG3qssVD6To9PchzE8Xz8xO2p-8vGFKo6950aDmYHzF-V_n-bhzPvgeErhI1jPYNc0JZ7Ak1X-oVE-forQLVecfXPXcw9O82abKRJjA9WxsUS2doS5O6TA1msn-flplFCjunRwqdqy8D-A3L1H5E2y7beRXtli9EYMYeNJH_5cjb36VYZP8M_z-tPE3w1y_Z94jvlJS9mkkhU5M1_pBcoegiCcINrXvAuxmYSHzl04lzuMUZD5LBT7sdTI1M8zgvMDYxQ

I have also turned on RBAC for my api.

Hi @riunge,

Welcome to the Auth0 Community!

I understand you would like to add roles and permissions to the access token.

The token you posted appears to include some permissions, that is good. Is there some missing from that array?

Screenshot 2023-04-06 at 4.11.10 PM

As for adding the roles to the token. That can be done in an Action. Here is an FAQ on the subject:

Let me know if you have any questions!

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.