Auth0 Home Blog Docs

Created Extension with Roles and Permissions but How can Front-end Get This info


I created an extension called “Auth0 Authorization” with four defined roles and four defined permissions. I assigned these to two users.
I then go to “Users” in the dashboard and it looks great.
I see in “Users” section that in “app_metadata” the user has the newly defined roles (see json below).
However, in my front-end SPA website written in Angular, I’m unable to get the “app_metadata”.
What code do I need from my front-end Angular website to access the “app_metadata”?
Note, the tutorial gave me the code to access “profile” info. But this didn’t include “app_metadata”.
Can you please provide sample code on how to extract from Auth0 the roles that the user has when they login?
“roles”: [
“authorization”: {
“roles”: [
“permissions”: [


@juan.vega the front-end can get this in one of two ways.

  1. Create a rule that adds this data to the id_token and have the front-end parse that.

  2. Create an API endpoint in your API that will read the access_token or the user.app_metadata stored in Auth0 and return that data.

Depending on how many roles and groups a user has it would be good to only include the necessary groups and roles for this application.


Thanks I was able to get this working using the following rule:

function (user, context, callback) {
user.app_metadata = user.app_metadata || {};
context.idToken[‘’] = user.app_metadata.authorization.roles;
callback(null, user, context);

So now on the front-end when I print to the console, I see the following:[“physician-user”],

I can pull out name and nickname very easily like this:

public getProfile(cb): void {
const accessToken = localStorage.getItem(‘access_token’);
if (!accessToken) {
throw new Error(‘Access token must exist to fetch profile’);

const self = this;
this.auth0.client.userInfo(accessToken, (err, profile) => {
  if (profile) {
    self.userProfile = profile;
    console.log('profile from auth.service.ts');

  cb(err, profile);


But how can I pull out the actual role which is tied to a URL.

In other words, I can pull out “name” and “nickname”.

But I can’t figure out how to access the role “physician-user” as found in this section “[“physician-user”],

If I say something like

I get all kinds of errors.

Any suggestions?



@juan.vega in JavaScript you can use bracket notation that getproperties that are not compatible with dot notation.

Try: self.userProfile[''] to access the value.


Thank you so much… that worked.

Much appreciated.


1 Like
closed #6