Is there a way to add a Social Login user to a role or org before they sign in the first time?

jgleason · June 10, 2022, 8:34pm

Currently we have to have users login with their Google creds before we can add their roles and orgs. Is there a way to anticipate that they will be signing in and add the roles to a placeholder ahead of time? It seems tough to have to have them sign in get a unauthorized response then wait while I run the commands.

rueben.tiow · June 10, 2022, 10:46pm

Hi @jgleason,

Thanks for reaching out to the Auth0 Community!

I understand that you are trying to add Roles and Organization to a user before they attempt to log in the first time.

In this situation, I recommend leveraging the Post-Login Action script to check for the user’s login_count and determine if it’s their first time logging in and adding the roles and Organization to their user profile.
See an example of adding members to an Organization below:

exports.onExecutePostLogin = async (event, api) => {
  const ManagementClient = require('auth0').ManagementClient;
  
  if(event.stats.logins_count === 1){
    const management = new ManagementClient({
        domain: event.secrets.domain,
        clientId: event.secrets.client_id,
        clientSecret: event.secrets.client_secret,
    });
    var params =  { id :'YOUR_ORG_ID'};
    var data = { members: [ event.user.user_id ] }
    management.organizations.addMembers(params, data, function (err) {
        if (err) {
            // Handle error.
        }
    });
  }
};

Please see this FAQ to learn more about using the Management API in Actions.

Please let me know if you help with this.

Thank you!

jgleason · June 14, 2022, 4:35pm

The problem here is I would need to know what org to add the user to in your example this is hard-coded. I would assume I would need to store this somewhere and deleted once added successfully?

rueben.tiow · June 15, 2022, 5:29pm

Hi @jgleason,

Thank you for your response.

Yes, that is correct. You will need to know what Organization to add to the user. Moreover, instead of hardcoding the org_id, I recommend storing the org_id as an Action secret, which is suitable for storing sensitive information.

This way, you can add the user to the Organization and will not need to delete the Organization ID after adding successfully.

I hope this helps!

Please let me know if you have any additional questions.

Thank you.