I have added the rule below. With it, I get roles and permissions as separate claims in the access token (the decoded token is attached below). However, I am expecting a JSON response in which each role is associated with its permissions, as shown below, as part of the access token:
- role-a
create:orders
update:orders
- role-b
create:products
update:products
delete:products
list:products
// rule
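/**
 * Auth0 rule: adds the user's roles and permissions to the ID token and the
 * access token as namespaced custom claims, followed by the user's
 * user_metadata and app_metadata.
 *
 * Roles are read from context.authorization.roles and permissions from the
 * Management API, so the two claims are independent flat lists; nothing here
 * groups permissions under the role that grants them.
 *
 * @param {object} user - Profile of the user who is logging in.
 * @param {object} context - Rule context holding idToken, accessToken and authorization.
 * @param {function} callback - Called with (null, user, context) on success, or
 *   with the error when the permission lookup fails, so the login does not
 *   continue with an incomplete permission claim.
 */
async function(user, context, callback) {
  const namespace = 'https://user';
  const ManagementClient = require('auth0@2.17.0').ManagementClient;
  const management = new ManagementClient({
    token: auth0.accessToken,
    domain: auth0.domain
  });

  // Read every page of permissions. A single 50-item page would silently
  // drop the rest for a user who holds more than 50.
  const perPage = 50;
  const assignedPermissions = [];
  try {
    for (let page = 0; ; page += 1) {
      const result = await management.getUserPermissions({
        id: user.user_id,
        page: page,
        per_page: perPage,
        include_totals: true
      });
      const batch = result.permissions || [];
      for (const permission of batch) {
        assignedPermissions.push(permission.permission_name);
      }
      // Stop on a short or empty page as well as on the reported total, so an
      // unexpected response shape cannot keep the loop running.
      if (batch.length < perPage || assignedPermissions.length >= result.total) {
        break;
      }
    }
  } catch (err) {
    // Without this the rejected promise is never reported and the rule ends
    // without calling back.
    return callback(err);
  }

  // "Guest" is used only when no role list exists at all; an empty role list
  // is kept as an empty claim.
  const assignedRoles = context.authorization ? context.authorization.roles : null;
  const roles = assignedRoles ? assignedRoles : ['Guest'];

  if (context.idToken) {
    context.idToken[`${namespace}/roles`] = roles;
    context.idToken[`${namespace}/permissions`] = assignedPermissions;
  }

  if (context.accessToken) {
    context.accessToken[`${namespace}/roles`] = roles;
    context.accessToken[`${namespace}/permissions`] = assignedPermissions;
  }

  // The metadata objects are deliberately not written to the console: they can
  // hold personal data that would otherwise end up in rule logs.
  //
  // NOTE(review): the whole user_metadata and app_metadata objects are copied
  // into both tokens. Token payloads can be read by anyone who holds the
  // token, so confirm that nothing internal is stored there, or copy only the
  // fields the consumers need.
  if (context.idToken && user.user_metadata) {
    context.idToken[`${namespace}/user_metadata`] = user.user_metadata;
    if (context.accessToken) {
      context.accessToken[`${namespace}/user_metadata`] = user.user_metadata;
    }
  }

  if (context.idToken && user.app_metadata) {
    context.idToken[`${namespace}/app_metadata`] = user.app_metadata;
    if (context.accessToken) {
      context.accessToken[`${namespace}/app_metadata`] = user.app_metadata;
    }
  }

  callback(null, user, context);
}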
// jwt decoded token
{
"https://user/roles": [
"role-a",
"role-b"
],
"https://user/permissions": [
"create:role_members",
"create:users"
],