Auth0 v9 get user roles and permissions

riunge · April 5, 2023, 11:13am

I am trying to get the permissions and roles associated with a specific user and for some reason Auth0 does not include those in the token. Could anyone help with what I may be doing wrong?
here is how I instantiate auth0; PS: I am using Auth0.js v9 Reference

const webAuth = new auth0.WebAuth({
  domain: process.env.REACT_APP_AUTH0_DOMAIN || '',
  clientID: process.env.REACT_APP_AUTH0_CLIENT_ID || '',
  responseType: 'token id_token',
  scope: 'openid profile email roles',
  audience: 'ternwheel',
  redirectUri: window.location.origin,
})

Here is how I call the auth with password and an email

    webAuth.login(
      {
        realm: 'Username-Password-Authentication',
        responseType: 'token id_token',
        redirectUri: window.location.origin,
        email,
        password,
      },
      e => console.log(e)
    )

finally auth0 sends me this token that does not include the permissions or roles
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ik8wY0oyY05FRTJvQW43aTYtVG5nUiJ9.eyJpc3MiOiJodHRwczovL2Rldi15YjQ3MWR1c2JvdmsyMXV1LnVzLmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHw2NDJhOTViYWNmZjY2ZmRjZGM4OTczYzYiLCJhdWQiOlsidGVybndoZWVsIiwiaHR0cHM6Ly9kZXYteWI0NzFkdXNib3ZrMjF1dS51cy5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNjgwNjkyOTk2LCJleHAiOjE2ODA3MDAxOTYsImF6cCI6Im5xZWVZd1AyQ0ZUR1lyNnMzMnJkRlNKcG1QZ3ZOaEQ1Iiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsInBlcm1pc3Npb25zIjpbInVzZXI6bWFuYWdlciJdfQ.2xcr90GoYynvoWWOL-ur2ELiWY9Fwjy_bZFnlFwAMjtl3LhE9nFYYwbR3709o1E4SzxzMxSz3pWJ92_PuaG3qssVD6To9PchzE8Xz8xO2p-8vGFKo6950aDmYHzF-V_n-bhzPvgeErhI1jPYNc0JZ7Ak1X-oVE-forQLVecfXPXcw9O82abKRJjA9WxsUS2doS5O6TA1msn-flplFCjunRwqdqy8D-A3L1H5E2y7beRXtli9EYMYeNJH_5cjb36VYZP8M_z-tPE3w1y_Z94jvlJS9mkkhU5M1_pBcoegiCcINrXvAuxmYSHzl04lzuMUZD5LBT7sdTI1M8zgvMDYxQ

I have also turned on RBAC for my api.

dan.woda · April 6, 2023, 8:11pm

Hi @riunge,

Welcome to the Auth0 Community!

I understand you would like to add roles and permissions to the access token.

The token you posted appears to include some permissions, that is good. Is there some missing from that array?

Screenshot 2023-04-06 at 4.11.10 PM

As for adding the roles to the token. That can be done in an Action. Here is an FAQ on the subject:

Let me know if you have any questions!

system · April 20, 2023, 8:12pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How can i get the logged in user's roles? Help configuration , application	3	22	August 1, 2024
Having trouble accessing roles on user account via ID or Access Tokens Help roles , authorization-extens , authorization	2	5450	September 3, 2019
[React] Get permissions for authenticated user through Auth0Client.getUser() Help	1	5812	February 7, 2020
How We Can Get Roles From Profile Object Help auth0	2	2194	June 1, 2022
Auth0-React: Best way to get user role/permission data to render app components Help jwt , auth0 , login	2	7158	November 11, 2020

Auth0 v9 get user roles and permissions

Related topics