I have been trying all day to get this to work. I have a WPF application and authentication works just fine. However, I need to be able to know the role of the user or permissions. I have tried to add custom actions and then add it to the login flow. However, every time the Access token and/or the ID token just has the normal OpenID/Profile/Email claims and nothing more.
For some reason I have tried everything. Here is my coding below.
Auth0 Custom Actions/Flow
    exports.onExecutePostLogin = async (event, api) => {
      const namespace = 'https://XXXXXX.us.auth0.com';
      if (event.authorization) {
        api.idToken.setCustomClaim(${namespace}/roles, event.authorization.roles);
        api.accessToken.setCustomClaim(${namespace}/roles, event.authorization.roles);
      }
    };
And here is the call within the WPF.
    Auth0ClientOptions clientOptions = new Auth0ClientOptions
    {
        Domain = "XXXXX.us.auth0.com",
        ClientId = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        Scope = "openid profile email offline_access"
    };
    clientOptions.PostLogoutRedirectUri = clientOptions.RedirectUri;
    var client = new Auth0Client(clientOptions);
    var loginResult = await client.LoginAsync();
Hi @demariners!
Could you please try using backquotes ` for the namespace identifier in your Action code? It has to be a string.
    exports.onExecutePostLogin = async (event, api) => {
      const namespace = 'https://XXXXXX.us.auth0.com';
      if (event.authorization) {
        api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
        api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
      }
    }
Please let us know if that worked!
That did not work sadly. Is there anything specific I need to put in the scope?
    exports.onExecutePostLogin = async (event, api) => {
      const namespace = `https://XXXXXX.us.auth0.com`;
      if (event.authorization) {
        api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
        api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
      }
    };
    exports.onExecutePostLogin = async (event, api) => {
      const namespace = `https://deflight.us.auth0.com`;
      if (event.authorization) {
        api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
        api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
      }
    };
I also noticed if I type:
https://XXXXX.us.auth0.com/roles
into my browser I get not found. Not sure if that is because I need to be authenticated or not but just noticed that.
@demariners, thank you for following up!
This is the namespace identifier and it doesn’t have to be a valid URL.
You should be good with the code snippet I shared. When testing with a test user, please make sure the user has a role assigned.
On your Auth0 tenant, I noticed the only Action applied to the Login flow is the one that adds the email address of a logging-in user as a claim.
Please also remember to deploy the action once it’s ready. You can have several Actions added to a single flow.
Please let us know how that goes!
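To tell the causes named in this thread apart (Action not in the Login flow or not deployed, versus a user with no role assigned), a token's payload can be decoded and checked for the namespaced key. This is an added example, not part of the original thread: the namespace value, helper names and sample tokens are constructed, and reading an empty array as "no role assigned" is an assumption.

```javascript
// Added example (constructed data). Decodes without verifying the signature:
// a debugging aid only; authorization must rely on a verified token.
const NAMESPACE = 'https://example.us.auth0.com'; // hypothetical; must match the Action

const toB64Url = (buf) =>
  buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const fromB64Url = (seg) =>
  Buffer.from(seg.replace(/-/g, '+').replace(/_/g, '/'), 'base64');

// Build an unsigned sample token for the demo (not a real Auth0 token).
function makeSampleToken(payload) {
  const enc = (obj) => toB64Url(Buffer.from(JSON.stringify(obj)));
  return `${enc({ alg: 'none', typ: 'JWT' })}.${enc(payload)}.`;
}

// Return the JSON payload of a compact JWT.
function decodePayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  return JSON.parse(fromB64Url(parts[1]).toString('utf8'));
}

// Report whether the namespaced roles claim is present and what that suggests.
function checkRolesClaim(token, namespace = NAMESPACE) {
  const claims = decodePayload(token);
  const key = `${namespace}/roles`;
  if (key in claims) {
    const roles = claims[key];
    return Array.isArray(roles) && roles.length > 0
      ? { status: 'present', roles }
      : { status: 'empty', roles: [] }; // Action ran; user likely has no role assigned
  }
  // A roles claim under another prefix means the namespace strings differ.
  const other = Object.keys(claims).find((k) => k.endsWith('/roles'));
  return other
    ? { status: 'namespace-mismatch', found: other, roles: [] }
    : { status: 'missing', roles: [] }; // Action not in the Login flow or not deployed
}

// Constructed payloads covering each outcome.
const samples = {
  present: makeSampleToken({ sub: 'auth0|123', [`${NAMESPACE}/roles`]: ['admin'] }),
  empty: makeSampleToken({ sub: 'auth0|123', [`${NAMESPACE}/roles`]: [] }),
  missing: makeSampleToken({ sub: 'auth0|123', email: 'user@example.com' }),
};
for (const [name, token] of Object.entries(samples)) {
  console.log(name, checkRolesClaim(token));
}
```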
system (March 12, 2024, 2:20pm): This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.