panda
March 22, 2020, 6:24pm
1
I successfully generated a SPA from the Quick start. Login/private routes, etc are working as expected.
Now how do I get user permissions in order conditionally render the UI? I have added roles/permissions users and a rule per this example .
Is this a common use case? I would think so but I can’t really find a clear answer wading through your docs.
Hi @panda ,
yes, this question has been asked before.
Now how do I get user permissions in order conditionally render the UI?
RBAC only adds permissions to the access token, not ID token. However, you’d need it in the ID token, because only that one is meant to be parsed in the SPA client, the access token is not.
Therefore, see:
http://community.auth0.com/t/how-do-i-add-user-permissions-to-id-token/28611
Alright thanks @mathiasconradt I’m finally cooking with butter over here…
I’m pasting my rule that augments the idToken with user permissions here for others:
function (user, context, callback) {
var map = require('array-map');
var ManagementClient = require('auth0@2.17.0').ManagementClient;
var management = new ManagementClient({
token: auth0.accessToken,
domain: auth0.domain
});
var params = { id: user.user_id, page: 0, per_page: 50, include_totals: true };
management.ge…