I have created a rule that is updating our users metadata inside of our Auth0 dashboard but the access_token is not being updated with this rule. The decoded token is giving us a scope of “openid profile email”.
When we try the rule in the dashboard under Rules the user object gives me the following:
“app_metadata”: {
“roles”: [
“admin”
]
Am I missing something on how to update scope so our user can be properly changed to admin?
Hello @labs16grantly,
Welcome to the Community!
If you can post the rule that would be great. Are you explicitly adding the metadata attributes to your tokens (e.g. setting context.idToken)? Example here:
Hello @markd,
Thank you for the timely response.
Below is the function that I scraped from the Rules Tutorial Video with a minor tweak:
function (user, context, callback) {
const namespace = 'https://founder-grants.auth0.com/userinfo/';
context.idToken[namespace + 'user_metadata'] = user.user_metadata;
context.idToken[namespace + 'app_metadata'] = user.app_metadata;
callback(null, user, context);
}
My current access token is returning the following decoded JWT:
"iss": "https://founder-grants.auth0.com/",
"sub": "google-oauth2|11****************",
"aud": [
"http://localhost:5000/api/admin",
"https://founder-grants.auth0.com/userinfo"
],
"iat": ******************,
"exp": ******************,
"azp": "******************",
"scope": "**openid profile email**",
"permissions": [
"get:adminLocal"
]
}