How to check auth0 database user is in Role - in c# for Dummies

Hi

C# all fantastic except i must be such a dummy i cannot see anywhere in this awesome forum or the help guide online after 4 hours of looking any simple examples relating to this so it must be so easy no one ever asked :wink:

I have an Auth0 Tenant setup.
Default DB Connection
A user exists in there which authenticates perfectly and i can list the claims

The user has 3 roles assigned.
RoleAdmin
RoleUser
RoleGuest

But i am unable to verify this in the client end but its there configured plain as day in the server end -

To understand what im doing and missing out- roughly the code flow is like this:

Auth0ClientOptions clientOptions = new Auth0ClientOptions
{
Domain = “XYZ.auth0.com”,
ClientId = “#########ClientID#########”
};
client = new Auth0Client(clientOptions);
clientOptions.PostLogoutRedirectUri = clientOptions.RedirectUri;

LoginResult loginResult = await client.LoginAsync();

if (loginResult.IsError) return;

—if still here all good yes we do get to here :slight_smile:

–Now i want to test for user in role so we can do some conditional flow

bool isAdmin = loginResult.User.IsInRole(“RoleAdmin”));

Problem: isAdmin is always false even though this is set up server side…

NOTE: Permissions in Roles
Caveat? the Roles have no permissions in and i cant add any that too is past my meager IQ atm :wink:
maybe the lack of permissions is to blame in the role… or i am utterly completely lost
“Select permissions from existing APIs:” when i do this there are none an to add a simple list is not feasible.

any help extremely grateful!!!

many thanks

Tom

I might be even more wrong — but i can only guess that this usage of Roles is not correct its not for the App they relate to user permissions connecting to auth and management api?

So maybe then I would have to create claim and use that in the app - roles are not used app end?

But there is no nice auth0 admin GUI feature for someone untrained to add a claim same way as they can a role.

So we have to create an app to log into the management api and create a set of user claims…i guess :slight_smile:

ok so i was mixed up i thought the Auth0 Admin Dashboard Roles was a nice convenient way to add roles to the App end in C# -a Role in .net is a claim type of role…effectively

So we dont appear to have that from Auth0 Dashboard to Claims to .,NET identity etc

So a temporary work around is this… add the Roles as JSON in the User APP Data

app_metadata
Example JSON:
{
“RoleAdmin”: true
}
–save that for the user -

Now create a rule to add App_Data to the Claims returned by the authenticaion LoginResult in .net

function (user, context, callback) {
var namespace = ‘https://anydomain.com/’;
if (context.idToken && user.user_metadata) {
context.idToken[namespace + ‘user_metadata’] = user.user_metadata;
}
if (context.idToken && user.app_metadata) {
context.idToken[namespace + ‘app_metadata’] = user.app_metadata;
}
callback(null, user, context);
}

and now the claim will appear here in claims = from the user app data… so it can be retrieved!

LoginResult loginResult = await client.LoginAsync();
foreach (var claim in loginResult.User.Claims)
{
Debug.Print ($"{claim.Type}: {claim.Value}");
}

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.