I created a post-login action to attach roles on the idToken but the event auth roles come empty.
My app is using the Google Workspace authentication.
This is the code of my action
As a workaround I am fetching from the user app_metadata but that isn’t ideal because I have to manually update the app_metadata for each user so it matches the real Auth0 roles.
Any idea what am I missing? I wonder if I need to enable an extra permission to the web application.