How to assign "admin" role, when new user signs up?

chetanbc · February 11, 2023, 7:47am

Hello!

I want to assign “admin” role the new user who signup through auth0 dashboard. All users who will be created by admin, will be assigned roles by admin to them. So when the users created by admin, login through dashboard, they should still have the roles assigned by admin and not the role “admin” itself.
So in short, only the users who signup through dashboard should have “admin” role and rest of users role is decided by admin.

Please suggest how this default role assignment can be done during signup.

rueben.tiow · February 13, 2023, 4:45pm

Hi @chetanbc,

Thanks for reaching out to the Auth0 Community!

I recommend using the Management API’s Assign roles to a user endpoint inside an Auth0 Pre-registration Action script to assign your users to the “admin” role.

Here is a sample:

exports.onExecutePostUserRegistration = async (event, api) => {

  const ManagementClient = require('auth0').ManagementClient;

  const management = new ManagementClient({
      domain: event.secrets.domain,
      clientId: event.secrets.clientId,
      clientSecret: event.secrets.clientSecret,
  });

  const params =  { id : event.user.user_id};
  const data = { "roles" : ["ROLE_ID"]};

  try {
    const res = await management.assignRolestoUser(params, data)
  } catch (e) {
    console.log(e)
    // Handle error
  } 
};

I recommend checking out our How can I use the Management API in Actions? FAQ for more instructions.

Please let me know if there is anything else I can do to help.

Thanks,
Rueben

chetanbc · February 15, 2023, 2:43pm

Hi @rueben.tiow ,

Thank you for the reply. But I am getting error message about ‘user_id’ not being present in event.user object. What am I missing here? Is it because the user_id is not present before the registration?

Property ‘user_id’ does not exist on type ‘{ username?: string | undefined; email?: string | undefined; app_metadata?: AppMetadata0 | undefined; user_metadata?: UserMetadata0 | undefined; name?: string | undefined; … 4 more …; picture?: string | undefined; }’.

rueben.tiow · February 15, 2023, 11:30pm

Hi @chetanbc,

Thank you for your response and for testing this for me.

After checking the Pre User Registration Action’s event object, I can confirm that the user_id is unobtainable.

In this case, I made an adjustment to the code to use a Post User Registration Action. This should fix the issue.

Please let me know how this goes for you.

Thanks,
Rueben

chetanbc · February 16, 2023, 6:20pm

Hi @rueben.tiow ,

Thanks for the modifications. It does add roles to user. But it assigns role to both users registered through ‘auth0 login page’ and users created by admin. I wanted to achieve the former only.

I guess the best way for me is to create some button in frontend, say, “get paid account” and when user actually clicks it, I can internally call management api to assign the Admin role. And of-course the user can get paid account only if he pays for it.

Anyhow thanks for your inputs.

rueben.tiow · February 16, 2023, 7:55pm

Hi @chetanbc,

Thank you for your response.

It may be possible to do this if the admin creates these users with some user_metadata value, for example "created_by_admin": true, and using it in the Action to check if this condition is false.

if(!event.user.user_metadata.created_by_admin){
  try {
    const res = await management.assignRolestoUser(params, data)
  } catch (e) {
    console.log(e)
    // Handle error
  } 
}

That sound’s good!

Please reach out again if you have any questions.

Thanks,
Rueben

system · March 2, 2023, 7:55pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.