Hello!
I’ve been previously using a Rule to auto-assign a role to a new user on their signup for passwordless. I created a new tenant and was dismayed to learn that I can’t re-use the Rule I was using for this, that I had to create a custom Action instead.
Looking through documentation and these forums, I found two approaches. My preferred approach would be to use a post-registration action:
const auth0Sdk = require("auth0");
exports.onExecutePostUserRegistration = async (event) => {
const ManagementClient = auth0Sdk.ManagementClient;
// This will make an Authentication API call
const management = new ManagementClient({
domain: event.secrets.domain,
clientId: event.secrets.clientId,
clientSecret: event.secrets.clientSecret
});
await management.users.assignRoles(
{ id: event.user.user_id },
{ roles: [event.secrets.roleId]},
(error) => {
if (error) {
console.log(error);
}
}
);
};
This worked for a test, but when running on a signup, the event.user.user_id
is blank. To my knowledge, I can’t call the Management API to update a user without the user’s id
.
Per some of the discussion here, I also tried the post-login flow.
exports.onExecutePostLogin = async (event, api) => {
if (event.stats.logins_count !== 1) {
return;
}
const ManagementClient = require('auth0').ManagementClient;
const management = new ManagementClient({
domain: event.secrets.domain,
clientId: event.secrets.clientId,
clientSecret: event.secrets.clientSecret
});
const params = { id : event.user.user_id };
const data = { "roles" : [event.secrets.roleId] };
try {
await management.assignRolestoUser(params, data);
} catch (e) {
console.log(e);
// Handle error
}
};
This also worked in a test, but when I did a signup with it deployed into the flow, this didn’t even run for a passwordless login.
What am I missing here? My company’s use of the Auth0 product depends on this flow working. Is there a way to do this?