Can you please explain is my code right? It do not add default role (id in secrets)
exports.onExecutePreUserRegistration = async (event, api) => {
try {
api.user.setUserMetadata("role", event.secrets.defaultRoleId);
} catch (e) {
console.error(e);
}
};
Hi @lonli.lokli,
I moved this to a new topic because it’s a seperate question.
It looks okay, are you seeing any errors? Can you try logging or debugging to see what is going on?
I do not see any errorrs. I do not know how to debug - Test Custom action works.
I do not see any logging information in Monitoring\Logs, while my action is part of Pre-User Registration flow
Could you please DM me the name of your tenant?
Resolved this via DM.
Here is an action that will add a default role to user and the token, or will add existing roles to the token.
/**
* Handler that will be called during the execution of a PostLogin flow.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
const namespace = "https://YOUR_NAMESPACE";
if (event.authorization && event.authorization.roles.length === 0) {
const ManagementClient = require('auth0').ManagementClient;
const auth0 = new ManagementClient({
domain: event.secrets.DOMAIN,
clientId: event.secrets.CLIENT_ID,
clientSecret: event.secrets.CLIENT_SECRET,
scope: 'read:roles update:users create:role_members',
})
const params = {id: event.user.user_id}
const data = {'roles':[event.secrets.DEFAULT_ROLE_ID]}
await auth0.assignRolestoUser(params,data,(err) => {
if (err) {
console.log('DefaultRoleActionError: ', err)
}
})
api.idToken.setCustomClaim(`${namespace}/roles`, event.secrets.DEFAULT_ROLE_NAME);
api.accessToken.setCustomClaim(`${namespace}/roles`, event.secrets.DEFAULT_ROLE_NAME);
} else if (event.authorization) {
api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
}
};
/**
* Handler that will be invoked when this action is resuming after an external redirect. If your
* onExecutePostLogin function does not perform a redirect, this function can be safely ignored.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
// exports.onContinuePostLogin = async (event, api) => {
// };