Problem statement
We want to assign Role access for a given authentication provider (ex. Azure AD) BEFORE the user ever logs in. It seems that we can only select from users who have previously logged in, but we want to setup Role assignments before users log in.
Is there any way to pull all users from Active Directory to Auth0 proactively, without them login in first via Auth0?
We would like to have all users in our system so we can then proactively assign specific settings to their profiles before their first login.
Cause
Unfortunately, you cannot create roles for a user that does not exist yet, and there is no way to pull these user’s from Azure AD before they log in. The only option would be to assign the Role to the user on their first login.
Solution
If you are using the Authorization Core, you can leverage the Management API in a Rule to assign a role on the user’s first login based on login count. This community post provides an example for how to accomplish this: