Can't auto-assign role to a passwordless email signup

bkease · January 10, 2024, 1:58pm

Hello!

I’ve been previously using a Rule to auto-assign a role to a new user on their signup for passwordless. I created a new tenant and was dismayed to learn that I can’t re-use the Rule I was using for this, that I had to create a custom Action instead.

Looking through documentation and these forums, I found two approaches. My preferred approach would be to use a post-registration action:

const auth0Sdk = require("auth0");

exports.onExecutePostUserRegistration = async (event) => {
	const ManagementClient = auth0Sdk.ManagementClient;

	// This will make an Authentication API call
  const management = new ManagementClient({
    domain: event.secrets.domain,
    clientId: event.secrets.clientId,
    clientSecret: event.secrets.clientSecret
  });

	await management.users.assignRoles(
		{ id: event.user.user_id }, 
		{ roles: [event.secrets.roleId]}, 
		(error) => {
			if (error) {
        console.log(error);
			}
		}
	);
};

This worked for a test, but when running on a signup, the event.user.user_id is blank. To my knowledge, I can’t call the Management API to update a user without the user’s id.

Per some of the discussion here, I also tried the post-login flow.

exports.onExecutePostLogin = async (event, api) => {
  if (event.stats.logins_count !== 1) {
    return;
  }

  const ManagementClient = require('auth0').ManagementClient;

  const management = new ManagementClient({
      domain: event.secrets.domain,
      clientId: event.secrets.clientId,
      clientSecret: event.secrets.clientSecret
  });

  const params = { id : event.user.user_id };
  const data = { "roles" : [event.secrets.roleId] };

  try {
    await management.assignRolestoUser(params, data);
  } catch (e) {
    console.log(e);
    // Handle error
  }
};

This also worked in a test, but when I did a signup with it deployed into the flow, this didn’t even run for a passwordless login.

What am I missing here? My company’s use of the Auth0 product depends on this flow working. Is there a way to do this?

rueben.tiow · January 10, 2024, 8:14pm

Hi @bkease,

Welcome to the Auth0 Community!

Yes, it is recommended to use the Post-Login Flow for this case.

After reviewing your code snippet in your Post Login action script, I noticed that you are using the outdated method to assign roles to a user, specifically management.assignRolestoUser.

The correct method now for assigning roles to a user is management.users.assignRoles(), just as you did in your Post-User Registration Action script.

(Reference: UsersManager | auth0)

Could you please give that a try and let me know how it goes for you?

Thanks,
Rueben

bkease · January 11, 2024, 3:53pm

Thanks for the response! As I mentioned, the post-login flow is not running for me with the passwordless email login. The post-registration flow always runs, but the post-login flow never does.

rueben.tiow · January 11, 2024, 10:28pm

Hi @bkease,

Thanks for the reply.

Have you made sure that your Post-Login Action script was attached to the flow?

If so, you could include console.log() statements and monitor the logs using the Real-time Webtask Logs Extension.

Cheers,
Rueben

system · January 25, 2024, 10:28pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Action for assigning default Role does not work Help	11	4007	April 22, 2022
Adding roles to users post-registration using actions Help	2	7308	January 4, 2022
Post Registration Event assign roles to registered user Help	11	3981	December 22, 2022
Adding user to default role, passwordless flow Help	5	5105	June 25, 2021
Add default Role via Rule after sign up New User does not add this role to the user in the Management Portal Help sdk , auth0 , rule	4	2470	January 19, 2022

Can't auto-assign role to a passwordless email signup

Related Topics