Welcome to the Auth0 Community!
First, let me explain that the event.authorization.roles property in your Post-Login Action refers only to the Roles assigned to the user through the Authorization Core implementation instead of the Authorization Extension.
In this case, you will want to also add the user’s permissions granted by the role as a custom claim. This is also mentioned in our How to add Roles and Permissions to the ID Token using Actions? FAQ.
Now, as far as why it works in your React App and not in your Next.js App, I am not sure. Have you checked whether your users are being assigned to these roles and permissions in the Authorization Extension specifically for that application?
You will have to verify in the Authorization Extension:
- The permission was created specifically for your Next.js app
- The role was created specifically for your Next.js app
- The user was assigned to the role that is for your Next.js app
For example:
Please let me know how this goes for you.
Thanks,
Rueben