Not receiving Roles in Access Token (Blazor WASM SPA)

Hello,
I’m trying to apply Role Based Authorization in my Blazor WASM SPA. My main use case would be to use the [Authorize(Role = “SomeRole”)] attribute on my components.

For some reason, the Roles I assign to a user don’t appear in the ID Token (as expected), but they don’t appear in the Access Token either.
This is my config in program.cs:
image

I found the above config here:

I can confirm that the Role has indeed been assigned to the user I’m logged in with.

The Access Token Looks like this:
image

The ID Token looks like this:
image

How come the roles do not get passed along with the Access Token?
Note I also enabled the following in the API settings:
image

As an alternative, it seems like I can use the Permissions from the Access Token instead. Even though I feel like this defeats the purpose of Roles existing out of multiple permissions completely.
I hope someone can help me out here.
Thanks in advance!

Hi @AuthUser,

Welcome to the Auth0 Community!

You will need to set up an action to add roles to the token in a custom claim. Here is an example:

Hi @dan.woda

Thanks for your response.
I gave the Actions a try, but for some reason; they didn’t work for me.

After a couple of tries, I found out about the “Rules”, which did the trick for me.

I use an altered version of this function:

function (user, context, callback) {
  const namespace = 'http://demozero.net';
  const assignedRoles = (context.authorization || {}).roles;

  let idTokenClaims = context.idToken || {};
  let accessTokenClaims = context.accessToken || {};

  idTokenClaims[`${namespace}/roles`] = assignedRoles;
  accessTokenClaims[`${namespace}/roles`] = assignedRoles;

  context.idToken = idTokenClaims;
  context.accessToken = accessTokenClaims;

  callback(null, user, context);
}
1 Like

Great, thanks for posting for solution.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.