Hey folks,
I am struggling to glue together some pieces that, at least in my mind, should work seamlessly:
I have an SPA application and I just want to make one of the users ADMIN - whatever this means in the context of that application. I have tried with permissions (no luck, they require API assignment) or roles, but roles are not returned when authenticating.
What did work was to configure a Login Flow; however, permissions is a reserved claim that I can’t inject, so I end up using a weird namespace convention (as suggested):
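// Post-login Action: copy the user's assigned roles into a namespaced custom claim
exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://domain.com';
  // event.authorization is only present when authorization data exists for this login
  if (event.authorization) {
    api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
  }
};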
I would not mind switching to an API, but then I could not find how to configure the application with user databases.
Any help is welcome, this topic is driving me crazy for the past 2 days.
Thanks!
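
An added example, not part of the original post: one way a backend could consume the namespaced roles claim that the Action above sets, trusting it only after the token's RS256 signature and expiry check out (a role read inside the SPA is only good for showing or hiding UI). The role name `admin`, the helper names and the throwaway key pair are assumptions made for the demo; a real service would use a maintained JWT library with the tenant's published signing keys and also validate `iss` and `aud`.

```javascript
const crypto = require('crypto');

// Same namespaced claim the Action in the post writes into both tokens.
const ROLES_CLAIM = 'https://domain.com/roles';
const b64url = (data) => Buffer.from(data).toString('base64url');

// Verify an RS256 JWT and return its payload; throws on any failure.
function verifyJwt(token, publicKey, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
  // Pin the algorithm on the server; never let the token header choose it.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), publicKey,
    Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const payload = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  if (typeof payload.exp !== 'number' || payload.exp <= nowSec) throw new Error('expired');
  return payload;
}

// True only if a verified, unexpired token carries the role in the namespaced claim.
function hasRole(token, publicKey, role) {
  let payload;
  try { payload = verifyJwt(token, publicKey); } catch { return false; }
  const roles = payload[ROLES_CLAIM];
  return Array.isArray(roles) && roles.includes(role);
}

// --- constructed demo data: throwaway key pair and tokens, not real Auth0 output ---
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
function signDemoToken(claims) {
  const h = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const p = b64url(JSON.stringify(claims));
  const sig = crypto.sign('RSA-SHA256', Buffer.from(`${h}.${p}`), privateKey);
  return `${h}.${p}.${b64url(sig)}`;
}
const exp = Math.floor(Date.now() / 1000) + 300;
const adminToken = signDemoToken({ sub: 'user-1', exp, [ROLES_CLAIM]: ['admin'] });
const userToken = signDemoToken({ sub: 'user-2', exp, [ROLES_CLAIM]: [] });
const expiredToken = signDemoToken({ sub: 'user-1', exp: exp - 600, [ROLES_CLAIM]: ['admin'] });
// Tampered copy: payload changed after signing, so verification must reject it.
const [th, , ts] = userToken.split('.');
const tampered = [th,
  b64url(JSON.stringify({ sub: 'user-2', exp, [ROLES_CLAIM]: ['admin'] })), ts].join('.');

console.log(hasRole(adminToken, publicKey, 'admin'), hasRole(userToken, publicKey, 'admin'),
  hasRole(expiredToken, publicKey, 'admin'), hasRole(tampered, publicKey, 'admin'));
```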