Auth0 v9 get user roles and permissions

riunge · April 5, 2023, 11:13am

I am trying to get the permissions and roles associated with a specific user and for some reason Auth0 does not include those in the token. Could anyone help with what I may be doing wrong?
here is how I instantiate auth0; PS: I am using Auth0.js v9 Reference

const webAuth = new auth0.WebAuth({
  domain: process.env.REACT_APP_AUTH0_DOMAIN || '',
  clientID: process.env.REACT_APP_AUTH0_CLIENT_ID || '',
  responseType: 'token id_token',
  scope: 'openid profile email roles',
  audience: 'ternwheel',
  redirectUri: window.location.origin,
})

Here is how I call the auth with password and an email

    webAuth.login(
      {
        realm: 'Username-Password-Authentication',
        responseType: 'token id_token',
        redirectUri: window.location.origin,
        email,
        password,
      },
      e => console.log(e)
    )

finally auth0 sends me this token that does not include the permissions or roles
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ik8wY0oyY05FRTJvQW43aTYtVG5nUiJ9.eyJpc3MiOiJodHRwczovL2Rldi15YjQ3MWR1c2JvdmsyMXV1LnVzLmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHw2NDJhOTViYWNmZjY2ZmRjZGM4OTczYzYiLCJhdWQiOlsidGVybndoZWVsIiwiaHR0cHM6Ly9kZXYteWI0NzFkdXNib3ZrMjF1dS51cy5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNjgwNjkyOTk2LCJleHAiOjE2ODA3MDAxOTYsImF6cCI6Im5xZWVZd1AyQ0ZUR1lyNnMzMnJkRlNKcG1QZ3ZOaEQ1Iiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsInBlcm1pc3Npb25zIjpbInVzZXI6bWFuYWdlciJdfQ.2xcr90GoYynvoWWOL-ur2ELiWY9Fwjy_bZFnlFwAMjtl3LhE9nFYYwbR3709o1E4SzxzMxSz3pWJ92_PuaG3qssVD6To9PchzE8Xz8xO2p-8vGFKo6950aDmYHzF-V_n-bhzPvgeErhI1jPYNc0JZ7Ak1X-oVE-forQLVecfXPXcw9O82abKRJjA9WxsUS2doS5O6TA1msn-flplFCjunRwqdqy8D-A3L1H5E2y7beRXtli9EYMYeNJH_5cjb36VYZP8M_z-tPE3w1y_Z94jvlJS9mkkhU5M1_pBcoegiCcINrXvAuxmYSHzl04lzuMUZD5LBT7sdTI1M8zgvMDYxQ

I have also turned on RBAC for my api.

dan.woda · April 6, 2023, 8:11pm

Hi @riunge,

Welcome to the Auth0 Community!

I understand you would like to add roles and permissions to the access token.

The token you posted appears to include some permissions, that is good. Is there some missing from that array?

Screenshot 2023-04-06 at 4.11.10 PM

As for adding the roles to the token. That can be done in an Action. Here is an FAQ on the subject:

Let me know if you have any questions!

system · April 20, 2023, 8:12pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How can i get the logged in user's roles? Help configuration , application	3	16	August 1, 2024
How to get permissions for user? Help	15	20639	August 15, 2019
Auth0 Action add user role to token Help user-profile , user-management	2	533	March 25, 2024
Roles and permissions from Auth0 Extension not being added to id token in Next app Help classic-universal-login-experience , login-experience	4	1751	July 27, 2023
Retrieve user roles and permission on profile with nextjs Help auth0 , login	2	5762	October 12, 2022

Auth0 v9 get user roles and permissions

Related Topics