I can see roles in Raw JSON for my federated users login, can't see them in my Custom Action

Hello,
I’ve created an application instance in Auth0, and when I log in to my app (ASP.NET Core Blazor) with an authorized federated account from a third party, I can see the expected roles for that user in its Auth0 entry - Raw JSON.

I am using this code in a Custom Action and the action is in the Login flow between Start and Complete.

```javascript
exports.onExecutePostLogin = async (event, api) => {
  // Claim name the roles are written under in both tokens
  const roleClaimName = 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role';
  if (event.authorization) {
    // Debug output of the authorization object, including its roles
    console.log(event.authorization);
    api.idToken.setCustomClaim(roleClaimName, event.authorization.roles);
    api.accessToken.setCustomClaim(roleClaimName, event.authorization.roles);
  }
};
```

event.authorization.roles is empty. In my AD Enterprise login connection I have Basic Profile, Extended Profile and Get user groups checked.

How can I get access to the roles I’m seeing in my Auth0 User’s Raw JSON? (showing as `"roles": ["LoadNewThings", "Admin"],`)

Thank you! :slight_smile:

For anyone curious about this, I heard back on the ticket I created, and the answer is we still need to do a Rule for this, as Actions do not yet have access to roles provided by a third-party identity provider.
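
A sketch of the Rule-based workaround mentioned in the reply above, as an added example (not code from this thread or from Auth0). It assumes the root-level `roles` attribute seen in Raw JSON is exposed to the Rule as `user.roles`; the connection name `my-ad-connection` and the function name are placeholders, and the extra checks (trusted connection, string-only roles) go beyond what the thread describes.

```javascript
// Added example: body of an Auth0 Rule, signature (user, context, callback).
function copyIdpRolesToTokens(user, context, callback) {
  // Same claim name as the Action in the question.
  const roleClaimName = 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role';
  // Placeholder: the only connection(s) allowed to assert roles.
  const trustedConnections = ['my-ad-connection'];

  // Keep only non-empty strings, trimmed and de-duplicated, so a malformed
  // upstream attribute cannot place objects or blanks in the tokens.
  const normalizeRoles = (value) => {
    if (!Array.isArray(value)) return [];
    const clean = value
      .filter((r) => typeof r === 'string' && r.trim() !== '')
      .map((r) => r.trim());
    return [...new Set(clean)];
  };

  // Roles from any other connection are ignored rather than copied, so a
  // second identity provider cannot grant roles by sending the attribute.
  const roles = trustedConnections.includes(context.connection)
    ? normalizeRoles(user.roles) // assumption: IdP roles appear on user.roles
    : [];

  context.idToken = context.idToken || {};
  context.accessToken = context.accessToken || {};
  context.idToken[roleClaimName] = roles;
  context.accessToken[roleClaimName] = roles;

  return callback(null, user, context);
}
```
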

Hey there!

As this topic is related to Actions and Rules & Hooks are being deprecated soon in favor of Actions, I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!
