Auto role adder based on application source

dpatrone1 · April 29, 2024, 1:17pm

hi everyone,
Below is my current action: i need to insert an if statement that switch between the domain that makes the login request

exports.onExecutePostLogin = async (event, api) => {
  if (event.stats.logins_count > 1) {
    return;
  }
  const ManagementClient = require('auth0').ManagementClient;

  const management = new ManagementClient({
    domain: event.secrets.domain,
    clientId: event.secrets.clientId,
    clientSecret: event.secrets.clientSecret,
  });

  const params = { id: event.user.user_id };
  const data = { "roles" : ["rol_gUNCo5UFyb9IVubw"]};
    try {
    await management.assignRolestoUser(params, data);
    console.log(`Role ${data.roles} successfully assigned to ${event.user.email}`);
    api.idToken.setCustomClaim(`rules`, "rangerGestUser");
    api.accessToken.setCustomClaim(`rules`, "rangerGestUser");
  } catch (err) {
    
    console.log(err);
    // Handle error.
  }
};

I want to change the role ( const data = { “roles” : [“rol_gUNCo5UFyb9IVubw”]}; ) based on the login domain
for example if the login domain is foo.bar.com → role 1 ; bar.foo.com → role 2

can anyone help me?

thanks a lot
davide

rueben.tiow · April 29, 2024, 8:55pm

Hi @dpatrone1,

You should be able to conditionally set your roles based on the login domain by adding an if-condition, as you mentioned.

You should encapsulate that if-condition block around the management.users.assignRoles method.

For example, you could check the redirect_uri to determine the domain:

exports.onExecutePostLogin = async (event, api) => {
  if (event.stats.logins_count > 1) {
    return;
  }

  if (event.transaction.redirect_uri === "https://someuri.com") {
    const ManagementClient = require('auth0').ManagementClient;

    const management = new ManagementClient({
      domain: event.secrets.domain,
      clientId: event.secrets.clientId,
      clientSecret: event.secrets.clientSecret,
    });

    const params = { id: event.user.user_id };
    const data = { "roles" : ["rol_gUNCo5UFyb9IVubw"]};

    try {
      await management.assignRolestoUser(params, data);
      console.log(`Role ${data.roles} successfully assigned to ${event.user.email}`);
      api.idToken.setCustomClaim(`rules`, "rangerGestUser");
      api.accessToken.setCustomClaim(`rules`, "rangerGestUser");
    } catch (err) {
      console.log(err);
      // Handle error.
    }
  }
};

It might be worth refactoring the code to abstract the assignRolestoUser as a helper function.

Let me know how this goes for you.

Thanks,
Rueben

dpatrone1 · April 30, 2024, 8:42am

hi @rueben.tiow,
thanks for your help your code solved my problem <3

system · May 14, 2024, 8:43am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Action for assigning default Role does not work Help	11	4007	April 22, 2022
Adding roles to users post-registration using actions Help	2	7308	January 4, 2022
I am unable to add the role which was added during the first login to the access token Help management-api , roles	3	866	June 12, 2024
Role set on first login, but deleted on subsequent login Help auth0 , roles	8	1422	September 15, 2022
Add a Default Role to a New User on First Login Knowledge Articles management-api , roles , rbac	1	24921	May 29, 2019

Auto role adder based on application source

Related Topics