Cannot see role in User.Identity object

I have used the sample Asp.Net MVC Core app to integrate my auth. I can login/out and see user profile details etc but the role claim isn’t appearing in the User.Identity object.


I’ve created a rule:

```js
function setRolesToUser(user, context, callback) {
  // Roles should only be set to verified users.
  if (!user.email || !user.email_verified) {
    return callback(null, user, context);
  }

  user.app_metadata = user.app_metadata || {};
  // You can add a Role based on what you want
  // In this case I check domain
  const addRolesToUser = function (user) {
    const endsWith = ''; // domain suffix to match; the value is missing from the post

    if (
      user.email &&
      user.email.substring(
        user.email.length - endsWith.length,
        user.email.length
      ) === endsWith
    ) {
      return ['admin'];
    }
    return ['user'];
  };

  const roles = addRolesToUser(user);

  user.app_metadata.roles = roles;
  // Persist the roles, then expose them in the ID token under a namespaced claim.
  auth0.users
    .updateAppMetadata(user.user_id, user.app_metadata)
    .then(function () {
      context.idToken['https://mealsaverapp/roles'] = user.app_metadata.roles;
      callback(null, user, context);
    })
    .catch(function (err) {
      callback(err);
    });
}
```

I pre-populated the ‘admin’ role into two different users that I created and testing the rule shows the role appearing. However, when I run the app (locally and in Azure) the only claims I get are the ‘standard’ ones associated with the sample app. The NameClaimType comes through, but the RoleClaimType does not.

Any ideas?

Ok. So, I don’t know if this is actually THE solution, but somehow I’ve managed to get it to work.

I added another authentication scheme in the Startup.cs for JwtDefaults and then added .AddJwtBearer with the authority and audience as options and… now it works!


Thanks for sharing your solution!
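
To tell whether the role is missing from the ID token itself or is being lost inside the application, the token payload can be inspected directly. This is an added example, not part of the original posts or the sample app; the tokens are constructed, the function names are hypothetical, and the signature is deliberately not verified, so it is a diagnostic only.

```javascript
// Added example: look for the namespaced roles claim in an ID token payload.
// Diagnostic only: the signature is NOT checked, so never authorize on this result.
const ROLE_CLAIM = 'https://mealsaverapp/roles'; // claim name used by the rule in the question

// Helper used only to build the constructed sample tokens below.
function b64url(obj) {
  return Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

function decodePayload(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWS (expected 3 segments)');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

function diagnoseRoleClaim(jwt, claim = ROLE_CLAIM) {
  const payload = decodePayload(jwt);
  const value = payload[claim];
  if (value === undefined) {
    // The rule returns early for unverified e-mail addresses and writes no claim.
    const reason = payload.email_verified === false
      ? 'email_verified is false, so the rule skipped this user'
      : 'rule did not run for this login or wrote a different claim name';
    return { status: 'missing', roles: [], reason };
  }
  if (!Array.isArray(value)) {
    return { status: 'not-array', roles: [String(value)], reason: 'claim is a single value' };
  }
  if (value.length === 0) {
    return { status: 'empty', roles: [], reason: 'claim present but holds no roles' };
  }
  // Token is fine: the remaining suspect is the app's RoleClaimType mapping.
  return { status: 'present', roles: value, reason: 'token carries roles; check RoleClaimType in the app' };
}

// Constructed sample tokens (placeholder signature segment).
const header = b64url({ alg: 'RS256', typ: 'JWT' });
const withRoles = `${header}.${b64url({ sub: 'auth0|constructed-1', email_verified: true, [ROLE_CLAIM]: ['admin'] })}.sig`;
const unverified = `${header}.${b64url({ sub: 'auth0|constructed-2', email_verified: false })}.sig`;

console.log(diagnoseRoleClaim(withRoles));
console.log(diagnoseRoleClaim(unverified));
```

A `present` result points at the claim mapping in the application, while `missing` points back at the rule or the login flow.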