Hey Auth0 team,
Like many, I’m trying to add users to a default Role when they sign up. From “Add Default Role to New User Sign-up” I understand that Hooks don’t work with Social/Enterprise connections, so I’m using a Rule. We want permissions associated with Roles, so we’re using RBAC.
I’m using the approach described in “How do I add a default role to a new user on first login?” to assign the role to a user and it works successfully, but the token permissions don’t get updated after a role assignment, just like “After applying a Role to a User using a Rule at signup (first login), the permissions are not in the user's access token” describes. The workarounds in that thread are: 1) on the client side, continually get a token until the permissions are non-null 2) use the getTokenSilently method from the auth0-spa-js library. Neither of these approaches works for me, as we’re using the Device Authorization flow, so each time we try to get a new token the user has to confirm the device code.
I also tried using the management client’s getPermissionsForRole method to manually get the permissions for the new role, but the management client doesn’t have the read:roles permission. What’s the best solution here? Given the quantity of posts about this, it would be a huge help if there was an option to recalculate the token permissions after applying a Rule.
Cheers,
mieubrisse