Not receiving Roles in Access Token (Blazor WASM SPA)

Help
1

Hello,
I’m trying to apply Role Based Authorization in my Blazor WASM SPA. My main use case would be to use the [Authorize(Role = “SomeRole”)] attribute on my components.

For some reason, the Roles I assign to a user don’t appear in the ID Token (as expected), but they don’t appear in the Access Token either.
This is my config in program.cs:
image

I found the above config here:

I can confirm that the Role has indeed been assigned to the user I’m logged in with.

The Access Token Looks like this:
image

The ID Token looks like this:
image

How come the roles do not get passed along with the Access Token?
Note I also enabled the following in the API settings:
image

As an alternative, it seems like I can use the Permissions from the Access Token instead. Even though I feel like this defeats the purpose of Roles existing out of multiple permissions completely.
I hope someone can help me out here.
Thanks in advance!

3

Hi @AuthUser,

Welcome to the Auth0 Community!

You will need to set up an action to add roles to the token in a custom claim. Here is an example:

4

Hi @dan.woda

Thanks for your response.
I gave the Actions a try, but for some reason; they didn’t work for me.

After a couple of tries, I found out about the “Rules”, which did the trick for me.

I use an altered version of this function:

function (user, context, callback) {
  const namespace = 'http://demozero.net';
  const assignedRoles = (context.authorization || {}).roles;

  let idTokenClaims = context.idToken || {};
  let accessTokenClaims = context.accessToken || {};

  idTokenClaims[`${namespace}/roles`] = assignedRoles;
  accessTokenClaims[`${namespace}/roles`] = assignedRoles;

  context.idToken = idTokenClaims;
  context.accessToken = accessTokenClaims;

  callback(null, user, context);
}
1 Like
5

Great, thanks for posting for solution.

6

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.