I can see roles in Raw JSON for my federated users login, can't see them in my Custom Action

Hello,
I’ve created an application instance in Auth0 and when I log in to my app (ASP.NET Core Blazor) with an authorized federated account from a third party I can see the expected roles for that user in its Auth0 entry - Raw JSON.

I am using this code in a Custom Action and the action is in the Login flow between Start and Complete.

exports.onExecutePostLogin = async (event, api) => {
  // Claim name that ASP.NET Core maps to role claims
  const roleClaimName = 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role';
  if (event.authorization) {
    console.log(event.authorization);
    // Copy the roles into both the ID token and the access token
    api.idToken.setCustomClaim(roleClaimName, event.authorization.roles);
    api.accessToken.setCustomClaim(roleClaimName, event.authorization.roles);
  }
};

event.authorization.roles is empty. In my AD Enterprise login connection I have Basic Profile, Extended Profile and Get user groups checked.

How can I get access to the roles I’m seeing in my Auth0 User’s Raw JSON? (showing as "roles": ["LoadNewThings", "Admin"],)

Thank you!

For anyone curious about this, I heard back on the ticket I created and the answer is we still need to do a Rule for this, as Actions do not yet have access to roles provided by a third-party identity provider.
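
A Rule of the kind the reply describes, as an added example that is not from the original posts or from Auth0 support. It assumes the identity provider's roles appear on the Rule's `user` object as `user.roles` (as in the Raw JSON above); the connection name, the allowlist and the `runSample` helper are hypothetical.

```javascript
// Added example: an Auth0 Rule (not an Action) that copies roles supplied by a
// federated identity provider into the ID token and access token.
function addFederatedRoles(user, context, callback) {
  const roleClaimName = 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role';
  const trustedConnection = 'my-ad-connection';   // hypothetical connection name
  const allowedRoles = ['LoadNewThings', 'Admin']; // roles the application understands

  // Only accept roles asserted by the expected enterprise connection.
  if (context.connection !== trustedConnection) {
    return callback(null, user, context);
  }

  // Assumption: the IdP roles sit at the root of the user profile as `roles`.
  const upstream = Array.isArray(user.roles) ? user.roles : [];

  // Keep only known string values so an upstream directory change cannot
  // introduce a role name the application never defined.
  const roles = upstream.filter(
    (r) => typeof r === 'string' && allowedRoles.includes(r)
  );

  context.idToken = context.idToken || {};
  context.accessToken = context.accessToken || {};
  context.idToken[roleClaimName] = roles;
  context.accessToken[roleClaimName] = roles;
  return callback(null, user, context);
}

// Hypothetical helper for running the rule outside Auth0 with constructed input.
function runSample(user, connection) {
  let result;
  addFederatedRoles(
    user,
    { connection, idToken: {}, accessToken: {} },
    (err, u, ctx) => { result = ctx; }
  );
  return result;
}
```
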