Rule and action with the same business logic behave differently during post login

Hi! I’ve tried to add custom claims (role assigned to the user) to my token by following the documentation: Add user roles to ID and Access tokens. However, I can see in the token returned to my web app that these claims are not inserted. I think this is due to the fact the object event.authorization is null.

However, when I create an action that does the same:

function (user, context, callback) {
  const ns = "";
  context.idToken[ns + 'roles'] = context.authorization.roles;
  callback(null, user, context);

I can see that now the claims are inserted. I also see in the debugger that context.authorization is not null.

Any reason why this might be happening?

1 Like

Hi there @fediazgon welcome to the community!

The code shared is specific to a rule - Just to be clear, is it this code that is working or your Action code?

Please see below for an FAQ on how to add custom claims with an Action. Actions being the newer extensibility feature are preferred to rules.

Let us know!


It’s possible that the event.authorization object is null because it is not available at the time the custom claims are being added to the token. According to the documentation you linked, the event.authorization object is only available for certain event types, such as sso or user signed up.

On the other hand, the context object is available at various points during the authentication flow, and includes information about the current user and their authentication state. It’s possible that the context.authorization object is populated with the necessary information needed to add the custom claims to the token.

Without more information about your specific authentication flow and how it’s configured, it’s hard to say for sure why event.authorization is null in one case and not the other. However, using the context object to add custom claims is a valid approach and is documented by Auth0. hope so it is beneficial for you . Clover Dashboard Login