How do I read the audience inside a rule?

Hi,

There will be a different audience for each deployment environment.
I’m using the password flow to make and test the tokens.
The dotnet core API is going to be done around OAuth like in these samples: GitHub - auth0-samples/auth0-aspnetcore-webapi-samples: Auth0 Integration Samples for ASP.NET Core WebAPI Services, so it’s gonna use JWT tokens created by an app.

And I was trying to push the user roles into the tokens. It works with a rule like this that I’ve taken from other examples like this one: Get the user role on Login.

function (user, context, callback) {
  var roles = user.roles || (context.authorization && context.authorization.roles);
  if (roles && roles.length)
  {
        var ns = 'https://localhost:8443/api/';
		context.accessToken[ns + 'roles'] = roles;
		context.idToken[ns + 'roles'] = roles;
  }
  
  return callback(null, user, context);
}

This is what I get as claims in the API, from the token, which is great:

[
    {
        "type": "https://localhost:8443/api/roles",
        "value": "Demo"
    },
    {
        "type": "https://localhost:8443/api/roles",
        "value": "User"
    },
...

But that means I had to hard code a namespace that is my audience and that’s not going to work with my deployment environments.
It doesn’t work without a namespace – so ‘context.accessToken.roles’ doesn’t end up in the claims, and that namespace cannot be my domain – for some obscure reason. :slight_smile:
To avoid hard coding my audience, I was looking into getting it from somewhere inside the rule, but I did not manage.

Also I might be doing this the wrong way, from the design pov.

Any help would be appreciated,

Thanks

Hi @lnaie

See this doc:

Namespaces are arbitrary identifiers, they do not need to be based on the audience. Is there a reason you need different claim namespaces for the different environments?

John

1 Like

Ok,
I see your point.

Thanks a lot,
Lucian

Hey there!

As Rules & Hooks are being fully deprecated soon, maybe you’re interested in finding out more how to achieve that with Actions?

As this topic is related to Rules - Hooks - Actions, I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!

Learn more here!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.