Cannot set data to APP_METADATA.ROLES

dev54 · April 5, 2023, 8:29pm

Hey guys im trying to set data to the app_metadata.authorization.roles using flows post-login and post-registration.

So far Im assigning the roles created using management.assignRolestoUser, I assumed this method would auto add the role in question to the app_metadata.authorization.roles, but it does not.

Im using this code to set the roles using a post-login. it works for the first time the user logs in, but if I use the management api else where to update user metadata, the app_metadata.authorization.roles resets automatically to an empty array.

app_metadata.authorization.roles=["ROLENAME"] to app_metadata.authorization.roles=[]

code im using.

exports.onExecutePostUserRegistration = async (event, api) => {
const ManagementClient = require(‘auth0’).ManagementClient;
const management = new ManagementClient({
domain: String(event.secrets.DOMAIN),
clientId: String(event.secrets.ID),
clientSecret: String(event.secrets.SECRET),
scope: String(event.secrets.SCOPE),
audience: String(event.secrets.AUDIENCE),
});

const params = { id: event.user.user_id };
const data = { “roles”: [String(event.secrets.ROLEUSER)] };
const userDetails = {
app_metadata: {
roles: [“UNIQUEROLENAME”],
},
};
try {
const res = await management.assignRolestoUser(params, data);
// assign role details to app_metadata
const res2 = await management.updateUser(params, userDetails);
} catch (e) {
console.log(e)
}
};

rueben.tiow · April 7, 2023, 3:04am

Hi @dev54,

Thanks for reaching out to the Auth0 Community!

Unfortunately, the management.assignRolestoUser method only assigns the Roles to the user and does not automatically assign them to the app_metadata.

To set the app_metadata inside a Post-Login Action, please call the api.user.setUserMetadata(name, value) method. Please note that the API object is not callable in a Post-User Registration Action.

(Reference: Actions Triggers: post-login - API Object)

For example:

exports.onExecutePostUserRegistration = async (event, api) => {
  const ManagementClient = require(‘auth0’).ManagementClient;
  const management = new ManagementClient({
    domain: String(event.secrets.DOMAIN),
    clientId: String(event.secrets.ID),
    clientSecret: String(event.secrets.SECRET),
    scope: String(event.secrets.SCOPE),
    audience: String(event.secrets.AUDIENCE),
  });

  const params = { id: event.user.user_id };
  const data = { “roles”: [String(event.secrets.ROLEUSER)] };
  const userDetails = {
    app_metadata: {
      roles: [“UNIQUEROLENAME”],
    },
  };
  try {
    const res = await management.assignRolestoUser(params, data);
    // assign role details to app_metadata
    api.user.setUserMetadata("roles", "UNIQUEROLENAME")
  } catch (e) {
    console.log(e)
  }
};

Let me add that this can also be accomplished by calling the ManagementClient updateAppMetadata method if preferred.

I hope this helps!

Please reach out again if you have any further questions.

Thanks,
Rueben

system · April 21, 2023, 3:04am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can't Assign Roles to users With actions and management API Help login-experience , new-universal-login-experience	4	817	December 12, 2023
Adding roles to users post-registration using actions Help	2	7308	January 4, 2022
Adding Roles from the Authorization Core to each user's raw JSON app_metadata Help roles , authorization-core	2	3179	September 15, 2020
setAppMetadata changes in post-login hook not persisted when calling api.access.deny Knowledge Articles post-login , setappmetadata , api-access-deny	1	1038	May 10, 2023
How to create a multitenant system with roles/permissions? Help management-api , roles	0	589	January 17, 2024

Cannot set data to APP_METADATA.ROLES

Related Topics