Setting a user role in an action will not update the permissions in the access token

Hi @kl.auth

Welcome to the Auth0 Community!!!

Don’t use a Management API call for this. You can add a custom roles claim in a post-login action like this:

```javascript
/**
 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
 */
exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://my-app.example.com';
  if (event.authorization) {
    api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
  }
}
```

Hope it helps

Thanks
Jeff
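On the receiving API, the namespaced roles claim set by the Action above should be read only from a token whose signature and expiry have been checked. The following is an added example, not part of the original reply or Auth0's own code; `verifyAccessToken`, `hasRole`, `signSample`, the throwaway key pair and the sample claims are assumptions constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Same namespace as the post-login Action above.
const ROLES_CLAIM = 'https://my-app.example.com/roles';

const b64url = (v) => Buffer.from(v).toString('base64url');

// Verify an RS256 JWT signature and expiry, then return its payload.
function verifyAccessToken(token, publicKey, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  // Pin the algorithm; never let the token header choose it.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), publicKey, Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const payload = JSON.parse(Buffer.from(p, 'base64url').toString());
  if (typeof payload.exp !== 'number' || payload.exp <= now) throw new Error('expired');
  return payload;
}

// Roles come only from a verified payload; a missing or non-array claim means no roles.
function hasRole(payload, role) {
  const roles = payload[ROLES_CLAIM];
  return Array.isArray(roles) && roles.includes(role);
}

// Constructed test data: a throwaway key pair stands in for the tenant's signing key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
function signSample(claims) {
  const head = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  const sig = crypto.sign('RSA-SHA256', Buffer.from(`${head}.${body}`), privateKey).toString('base64url');
  return `${head}.${body}.${sig}`;
}

function demo() {
  const exp = Math.floor(Date.now() / 1000) + 300;
  const token = signSample({ sub: 'auth0|sample', exp, [ROLES_CLAIM]: ['editor'] });
  const payload = verifyAccessToken(token, publicKey);
  // Tamper check: a payload edited to claim "admin" no longer matches the signature.
  const [h, , s] = token.split('.');
  const edited = `${h}.${b64url(JSON.stringify({ sub: 'auth0|sample', exp, [ROLES_CLAIM]: ['admin'] }))}.${s}`;
  let editedRejected = false;
  try { verifyAccessToken(edited, publicKey); } catch { editedRejected = true; }
  return { editor: hasRole(payload, 'editor'), admin: hasRole(payload, 'admin'), editedRejected };
}
console.log(demo());
```

A production API would use a maintained JWT library with the tenant's published signing keys and would also validate the `iss` and `aud` claims, which this sketch omits.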