Obtaining token info/ user role data from my React application side

joseph.atlas · September 11, 2019, 7:13pm

So I currently have a React SPA using express for server and JWT’s for authentication. I have an auth0-authorization extension setup with the management API and working with a rule set for RBAC. Within my rule set, I am able to log a requiredRules object and compare that against userRoles to see if they have access to the application and this works fine.

But, I would like to create more routing logic throughout the application, for say access to different forms. Is there a way I can grab some sort of user role object from my application to use with more in-app logic? I have ran the HTTP GET/ POST requests for roles but I seem to only be getting the scopes as a response and this doesn’t seem like the best object to be creating log off?

kstrongholte · November 26, 2019, 11:08pm

Are you following the approach outlined here for controlling application access?

If so, then your ID token already contains the user’s roles as custom claims which can then be accessed within your application.

Here’s a screenshot of sample profile data returned in the React Quickstart:

konrad.sopala · November 27, 2019, 2:15pm

Thanks a lot @kstrongholte for sharing that knowledge here!

system · December 12, 2019, 2:15pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.