I’m using the Authorization extension to manage my groups and roles meaning update data on user app_metadata.
The problem is it only takes effect after the user first login. when the first login occurs it returns an access token that does not contain the user
app_metadata (the required groups and roles) and only then update the user
app_metadata using the auth0 rules. I guess it happens because the access token is JWT and it is stateless so when I use this access token to retrieve the user info it doesn’t contain the groups and permissions.
My flow :
client login to auth0 -> client gets access token -> client send access token to the backend -> backend verify the user info from auth0.
How can I get the user
app_metadata on first login?