Question - Is it possible for Auth0 to fetch roles from OpenFGA and set it to access_token once user login through Auth0

We wanted to add user roles to access_token from OpenFGA once user login. Please let me know if it’s possible by using some configuration on Auth0 side ?

Hi there @adarsh.singh welcome to the community! I apologize for the delayed response here, but wanted to get back on this one regardless as it’s a great question.

There is no configuration on the Auth0 side that allows for adding FGA roles to access tokens - FGA really isn’t designed to enhance/enrich tokens at all, but rather an API to be called to know if a user has permission to execute a specific action instead of relying on access token claims. The most obvious reason for this is to prevent access token bloat which can quickly become an issue with fine grained access control.

Hope this helps to clarify!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.