In action post-login event authorization roles is empty

I created a post-login action to attach roles on the idToken but the event auth roles come empty.


My app is using the Google Workspace authentication.

This is the code of my action

As a workaround I am fetching from the user app_metadata but that isn’t ideal because I have to manually update the app_metadata for each user so it matches the real Auth0 roles.

Any idea what am I missing? I wonder if I need to enable an extra permission to the web application.

Hi @turbo,

Can you please DM me the name of the tenant and an example user who has roles assigned. I’d like to take a look at the configuration. Thanks!

1 Like