Hi,
I am building role-based access control (RBAC), and I want to get the user's role-based permissions into my access token. So I wrote the rule shown below.
Now I am getting the scope inside a namespaced claim, i.e.:
{
“http://user.com/roles”: [
“vendor”
],
“http://scope.com/scope”: [
“create:users”,
“delete:users”,
“read:users”,
“update:users”
],
“nickname”: “dibeesh”
}
But I am doing JWT validation as per this documentation, Auth0 Node (Express) API SDK Quickstarts: Authorization,
and it expects the scope inside the token in a format like the one below:
{
“http://user.com/roles”: [
“vendor”
],
“scope”: [
“create:users”,
“delete:users”,
“read:users”,
“update:users”
],
“nickname”: “dibeesh”
}
So I tried to pass the permissions without a namespace in the rule, but it's not working for me, and I read that 'Removing the namespace from custom claims isn't
possible' (see: Custom claim without namespace).
For example:
context.idToken[‘scope’] = permissionsArr;
How can I achieve scope validation without passing the scope under a namespace?
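/**
 * Auth0 rule: looks up the permissions assigned to the signing-in user through
 * the Management API and copies the permission names into ID token claims.
 *
 * @param {object} user - Auth0 user profile; `user.user_id` selects whose
 *   permissions are fetched.
 * @param {object} context - Rule context; `context.idToken` receives the claims.
 * @param {function} callback - Rule continuation. Called exactly once: with the
 *   error when the lookup fails, otherwise with `(null, user, context)`.
 */
function (user, context, callback) {
  const ManagementClient = require('auth0@2.17.0').ManagementClient;
  const management = new ManagementClient({
    token: auth0.accessToken,
    domain: auth0.domain
  });
  const namespace = 'http://scope.com';

  // Only the first page (at most 50 entries) is requested. A user holding more
  // permissions than that would get a token silently missing the remainder.
  const params = { id: user.user_id, page: 0, per_page: 50, include_totals: true };

  management.getUserPermissions(params, function (err, permissions) {
    if (err) {
      console.log('err: ', err);
      // Fail closed and stop here: the original fell through and invoked the
      // callback a second time with success, after already reporting the error.
      return callback(err);
    }

    const permissionsArr = permissions.permissions.map(function (permission) {
      return permission.permission_name;
    });

    // NOTE(review): these claims are written to the ID token. An API that
    // authorizes requests from the access token will not see them; confirm
    // which token the API validates (rules also expose context.accessToken).
    context.idToken[namespace + '/scope'] = {
      scope: permissionsArr
    };

    // Non-namespaced custom claim. The post reports that such claims are not
    // accepted, so this assignment is not expected to reach the issued token;
    // it is kept as in the original.
    context.idToken['scope'] = permissionsArr;

    return callback(null, user, context);
  });
}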