Getting User Permissions During Login Action for Native or SPA

I’m trying to access user permissions during a post-login Action. After looking at several different topics, I have this.

exports.onExecutePostLogin = async (event, api) => {
  const ManagementClient = require('auth0@2.23.0').ManagementClient;

  const management = new ManagementClient({
    clientId: event.client.client_id,
    clientSecret: event.secrets.client_secret,
    domain: event.secrets.domain

  const params = { id: event.user.user_id, page: 0, per_page: 50, include_totals: false };

  let userPermissions = await management.getUserPermissions(params);

I am getting an “accessDenied” error on the call to getUserPermissions. After some more poking around, I see indications that I need to go to the settings for the Auth0 Management API and grant the read:users permission to my application. The catch is, I’m trying to log in with a Native Application, not M2M, so I don’t have a way to grant that permission. Is there a way for a Native App or SPA to use the ManagementClient during a Login Action?

@ryan.moriarty Not sure if you have found the solution to your problem - but if you have not, you can create a separate M2M Application with the proper permissions outside of the Native & SPA apps, and then use the newly generated M2M app’s client_id & client_secret within the Auth0 Action.

Be aware that the Management API calls within the Action is subject to the rate limits of the tenant, so you should look into caching an access token on your end somehow.

More information can be found in this FAQ

1 Like

Thanks for sharing @gparascandolo :smile:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.