Setting a user role in an action will not update the permissions in the access token

jeff0 · October 6, 2021, 11:03am

Welcome to Auth0 Community !!!

Don’t use Management API call for this. You can add a custom roles claim in a post-login action like this:

/**
 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
 */
exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://my-app.example.com';
  if (event.authorization) {
    api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
  }
}

Hope it helps

Thanks
Jeff

Topic		Replies	Views
Post Login Action not Placing Role in Token Help	7	2453	April 22, 2022
How to add permissions to the access token (Actions) [Edit] Help auth0 , management-api , login	3	2994	January 8, 2024
Permissions assigned through RBAC do not match currently assigned roles Help user-profile , user-management	4	345	March 19, 2024
Permissions not updating when adding Role via a Rule Help rules , roles , permissions , rbac	2	4662	January 8, 2024
How do I add permissions (not roles) using the actions? Help dashboard , admin-management	4	839	January 15, 2024

Setting a user role in an action will not update the permissions in the access token

Related Topics