Auth0 Home Blog Docs

Manually Added Roles to Access Token is Not Authorizing API Methods

Hello everyone,

I have added roles to the auth0 access token using the JwtSecurityTokenHandler and JwtSecurityToken.

var handler = new JwtSecurityTokenHandler();
var token = handler.ReadToken(jwtToken) as JwtSecurityToken;
token.Payload["http://schemas.microsoft.com/ws/2008/06/identity/claims/role"] = new string[] { "HR","Participant","Teacher"};            
var newjwt = handler.WriteToken(token);

The Roles are added successfully in the access token and I’m able access the roles from the new jwt token by Reading the Token.

var newToken = handler.ReadToken(newjwt) as JwtSecurityToken;
var roleClaims = newToken.Claims.Where(x => x.Type == System.Security.Claims.ClaimsIdentity.DefaultRoleClaimType).Select(x => x.Value).ToList();

But when I send this new token to authorize my API controller method its not authorizing. Its returning 401 Unauthorized.

Kindly help me to make it work and let me know if I need to do any other changes.
Any guidance would be appreciated.