Continuing the discussion from How do I add a default role to a new user on first login?:
Following this discussion, I implemented the rule to add the default role.
This will however only add the granted permissions when the user logs in a second time.
How can I make sure that the user gets his role & permissions even in the first logins token?
I have the same problem. Have you found a solution yet?
Iāve found an ugly hack, but not really a solution: The client has to immediately refresh on first login. The second token will be correct.
Iām also looking for a solution that will include the permissions in the access token on first login without forcing the client to refresh the access token. @dan.woda Are you able to assist and update the FAQ?
There are several threads on this topic with no clear answer:
You will have to force a token refresh on first login to get the roleās permissions in the AT. You should be able to do this silently without the user providing credentials.