Roles not included in custom claim through actions

joel.paredes · June 1, 2022, 3:22pm

Hi!

I need to retrieve the user assigned roles on login. I have added an action that adds a custom claim as follows:

exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://example.com';

  if (event.authorization) {
    api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
  }
}

However, the access token gives

"https://example.com/roles": [],

I am using organizations. I have also activated RBAC in my default audience api and the permissions claim is empty as well.

"permissions": []

Any idea of what is causing this?

joel.paredes · June 1, 2022, 3:48pm

Never mind, I found the issue.

For anyone facing the same as me. I needed to add organization specific roles. Here are the docs:

tyf · June 1, 2022, 6:22pm

Hey @joel.paredes thanks for following up with the solution, glad you were able to get this sorted!

tyf · June 16, 2022, 6:22pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.