Hi @mattbara !
In general, you’d avoid making requests to the Management API v2 from Single Page Apps, unless it’s an app that specifically needs to manage user details and update values on user_metadata.
Instead, when you want an application to receive additional user information that is not part of the OIDC profile (like the roles) as a custom claim in the ID token. Check the doc for more details, but you’d be creating a rule that looks like this:
function(user, context, callback) {
// the claim namespace doesn't have to resolve to a real resource, but
// it should be a valid URL, and it can't be an Auth0 domain
const claimNamespace = "http://yourapp.com/claims/";
// user.roles comes pre-populated from the roles assigned
// via the dashboard or API
context.idToken[claimNamespace + "roles"] = user.roles;
callback(null, user, context);
}
If seems that you’ve tried this before, but maybe the namespace was invalid. Can you give this a try?
Your user object will have the roles in the selected claim full name. E.g.
{
"user_id": "xxxx",
"email":"xxx",
"http://myapp.com/claims/roles": ["admin", "manager"]
}
So that you can have:
const ROLES_CLAIM = "http://myapp.com/claims/roles";
var userRoles = user[ROLES_CLAIM];
Hope that helps!