Permission claim empty if logging on using Organization


Permission claim in token is empty when logging on to an application as an organization team member.

When accessing the application as an individual, the permission claim is populated.

RBAC is enabled and include permission in access token is enabled. The permission claim exists in the token in both cases, however for the organization the permission array is empty.

Is this a bug or is it intended?

Thank you,

Hi @nahvinden,

Welcome to the Auth0 Community!

I understand that you encountered issues populating the permissions claim in the token when logging in with an Organization.

After testing this myself, I was able to reproduce the same observations as you. That is, the permissions array is empty when logging in with an Organization.

I will follow up with our Engineering teams to see if this is a bug.

For now, one workaround is to create a Post-Login action to add the Permissions as a custom claim in the token.

To do so, I recommend using the Management API in Actions to call the Get a User’s Permission endpoint to include the permissions into the Token.


I hope this helps!

Please let me know how this goes for you.


1 Like

Thanks a lot, @rueben.tiow!


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Hi all,

I am backward linking to the solution found here: