Hello All,
I am currently using auth0 authentication in my flutter application for login. So far it returns an access token and ID Token which I have got to have the payload of user name, email, profile pic etc. I am trying to use auth0 actions to include a users permission scopes but this is proving very tough. I am using a native Application in auth0 for the authentication but I have had success making curl requests to a machine-machine api in auth0 and returning user scopes. This is the code in flutter for some background `// AuthService.dart
import ‘package:auth0_flutter/auth0_flutter.dart’;
class AuthService {
late final Auth0 auth0;
AuthService() {
auth0 = Auth0(“toothtrack.uk.auth0.com”, “msGZeRYVaru9GhEE1bF4lCC3qRQD1MCQ”);
}
// Updated to return a Map containing both the Access Token and ID Token.
Future<Map<String, String?>> login(String scheme) async {
try {
final result = await auth0.webAuthentication(scheme: scheme).login();
if (result.accessToken != null && result.idToken != null) {
print(“Access Token: ${result.accessToken}”);
print(“ID Token: ${result.idToken}”); // Assuming ID token is now accessible
return {
‘accessToken’: result.accessToken,
‘idToken’: result.idToken, // Store the ID token
};
} else {
return {};
}
} catch (e) {
print(“Login error: $e”);
return {};
}
}
Future logout(String scheme) async {
try {
await auth0.webAuthentication(scheme: scheme).logout();
print(“Logout successful.”);
} catch (e) {
print(“Logout error: $e”);
}
}
}
And the Auth0 Action :
function (user, context, callback) {
// Access user data from the rule context
const { roles } = user; // Assuming user object contains roles
// Modify the ID token payload
context.idTokenClaims = {
…context.idTokenClaims, // Keep existing claims
permissions: roles, // Add user permissions as “permissions” claim
};
callback(null, user, context); // Pass modified user and context
}
` I am hoping for someone to point me in the right direction. Thanks