Post-login flow doesn't seem to be firing when a user logs in via Azure AD

As the title says, we have 2 login methods, username/password and Azure Active Directory. When a user logs in via username and password the login flow fires correctly. When a user logs in via Azure AD the login flow doesn’t seem to fire. We built the application around a slightly old methodology of using a post-login flow to add a user’s roles to the user object. The custom action looks like this:

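exports.onExecutePostLogin = async (event, api) => {
  // Custom claim namespace (placeholder for the staging site URL)
  const namespace = '{staging_site_url}';
  // Roles assigned to the user, if the event carries them
  const assignedRoles = (event.authorization || {}).roles;

  // Copy the roles into both tokens as a namespaced custom claim
  api.idToken.setCustomClaim(namespace, assignedRoles);
  api.accessToken.setCustomClaim(namespace, assignedRoles);
};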

This fires and works perfectly via username and password login, but not at all via Azure AD. What am I missing? I know I could re-write to use the management API but that’s the nuclear option at the moment.

Hi @GarryWelding,

Welcome to the Auth0 Community!

The Post Login Action flow should execute for your Azure AD connection.

Could you try adding a console.log() statement in your script and use the Real-time Webtask Logs to check if your script is running when a user logs in with an Azure AD connection?

Please let me know how it goes.
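
The logging check suggested in the reply above, as an added example that is not part of the original thread or Auth0's own code: it logs which connection a login came through and whether `event.authorization.roles` is present, and sets the claim only when the roles are an array. `NAMESPACE`, the helper names, the mock `api` and both sample events are constructed for illustration.

```javascript
// Added example. NAMESPACE is a constructed value, not the poster's namespace.
const NAMESPACE = 'https://app.example.test/roles';

// Summarise the parts of the post-login event that matter for this problem.
function describeLogin(event) {
  const roles = (event.authorization || {}).roles;
  return {
    connection: (event.connection || {}).name,
    strategy: (event.connection || {}).strategy,
    hasAuthorization: event.authorization !== undefined,
    rolesPresent: Array.isArray(roles),
    roleCount: Array.isArray(roles) ? roles.length : 0,
  };
}

// Log the summary, then set the claim only when roles is really an array,
// so a token never carries an undefined or malformed roles claim.
function applyRoleClaims(event, api) {
  const info = describeLogin(event);
  console.log('post-login', JSON.stringify(info));
  if (!info.rolesPresent) return info;
  api.idToken.setCustomClaim(NAMESPACE, event.authorization.roles);
  api.accessToken.setCustomClaim(NAMESPACE, event.authorization.roles);
  return info;
}

// Handler in the shape used in the question. In the Auth0 Action editor,
// assign it to exports.onExecutePostLogin.
const onExecutePostLogin = async (event, api) => { applyRoleClaims(event, api); };

// Local harness: a mock api that records claims instead of issuing tokens.
function simulate(event) {
  const claims = { idToken: {}, accessToken: {} };
  const recorder = (bag) => ({ setCustomClaim: (k, v) => { bag[k] = v; } });
  const api = { idToken: recorder(claims.idToken), accessToken: recorder(claims.accessToken) };
  return { info: applyRoleClaims(event, api), claims };
}

// Constructed sample events (not captured from a real tenant).
const passwordLogin = {
  connection: { name: 'Username-Password-Authentication', strategy: 'auth0' },
  authorization: { roles: ['admin', 'editor'] },
};
const azureLoginNoRoles = {
  connection: { name: 'azure-ad-example', strategy: 'waad' },
  authorization: {},
};
console.log(simulate(passwordLogin).claims);
console.log(simulate(azureLoginNoRoles).claims);
```

Comparing the two log lines for the same user shows whether the Action ran for the Azure AD login and whether the roles were present in that event.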


So looking into it and using console.log() and that extension, it appears that event.authorization.roles is only set on first login; every other request after that, when a user is already authorized, doesn’t have it set. So all subsequent requests don’t contain the roles. We used to use the old style actions and this worked fine but it’s obviously not the same for the new actions within “flows”. I’ve managed to put a hacky fix in for now but looks like we’ll have to re-write it.


@GarryWelding We are encountering the same issue when migrating from Rules to Actions. I see you implemented a fix. Would you be able to share your approach?


Unfortunately we never found a solution to this. We had to change our application to manage roles instead.
