Cannot set data to APP_METADATA.ROLES

dev54 · April 5, 2023, 8:29pm

Hey guys im trying to set data to the app_metadata.authorization.roles using flows post-login and post-registration.

So far Im assigning the roles created using management.assignRolestoUser, I assumed this method would auto add the role in question to the app_metadata.authorization.roles, but it does not.

Im using this code to set the roles using a post-login. it works for the first time the user logs in, but if I use the management api else where to update user metadata, the app_metadata.authorization.roles resets automatically to an empty array.

app_metadata.authorization.roles=["ROLENAME"] to app_metadata.authorization.roles=[]

code im using.

exports.onExecutePostUserRegistration = async (event, api) => {
const ManagementClient = require(‘auth0’).ManagementClient;
const management = new ManagementClient({
domain: String(event.secrets.DOMAIN),
clientId: String(event.secrets.ID),
clientSecret: String(event.secrets.SECRET),
scope: String(event.secrets.SCOPE),
audience: String(event.secrets.AUDIENCE),
});

const params = { id: event.user.user_id };
const data = { “roles”: [String(event.secrets.ROLEUSER)] };
const userDetails = {
app_metadata: {
roles: [“UNIQUEROLENAME”],
},
};
try {
const res = await management.assignRolestoUser(params, data);
// assign role details to app_metadata
const res2 = await management.updateUser(params, userDetails);
} catch (e) {
console.log(e)
}
};

rueben.tiow · April 7, 2023, 3:04am

Hi @dev54,

Thanks for reaching out to the Auth0 Community!

Unfortunately, the management.assignRolestoUser method only assigns the Roles to the user and does not automatically assign them to the app_metadata.

To set the app_metadata inside a Post-Login Action, please call the api.user.setUserMetadata(name, value) method. Please note that the API object is not callable in a Post-User Registration Action.

(Reference: Actions Triggers: post-login - API Object)

For example:

exports.onExecutePostUserRegistration = async (event, api) => {
  const ManagementClient = require(‘auth0’).ManagementClient;
  const management = new ManagementClient({
    domain: String(event.secrets.DOMAIN),
    clientId: String(event.secrets.ID),
    clientSecret: String(event.secrets.SECRET),
    scope: String(event.secrets.SCOPE),
    audience: String(event.secrets.AUDIENCE),
  });

  const params = { id: event.user.user_id };
  const data = { “roles”: [String(event.secrets.ROLEUSER)] };
  const userDetails = {
    app_metadata: {
      roles: [“UNIQUEROLENAME”],
    },
  };
  try {
    const res = await management.assignRolestoUser(params, data);
    // assign role details to app_metadata
    api.user.setUserMetadata("roles", "UNIQUEROLENAME")
  } catch (e) {
    console.log(e)
  }
};

Let me add that this can also be accomplished by calling the ManagementClient updateAppMetadata method if preferred.

I hope this helps!

Please reach out again if you have any further questions.

Thanks,
Rueben

system · April 21, 2023, 3:04am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.