Unable to getPermissions in Post-Login Action

mkochco · November 30, 2023, 5:26pm

Using a Post-login action, I’m trying convert user permissions into a scopes field in the access token.

exports.onExecutePostLogin = async (event, api) => {

    const ManagementClient = require('auth0').ManagementClient;
    const management = new ManagementClient({
        domain: event.secrets.domain,
        clientId: event.secrets.clientId,
        clientSecret: event.secrets.clientSecret
    });

    var params = {id: event.user.user_id};
    try {
        const { data: permissions } = await management.users.getPermissions(params);

        console.log(`Permissions for user ${event.user.user_id} = ${JSON.stringify(permissions)}`);

        permissions.forEach(function (obj) {
            console.log(`Adding ${obj.permission_name} to accessToken scope`);
            api.accessToken.addScope(obj.permission_name);
        });
        
    } catch (err) {
        console.log(`Error getting permissions for user ${event.user.user_id}: ${err}`);
    }
}

When the action executes the call to managment.users.getPermissions errors out with

FetchError: The request failed and the interceptors did not return an alternative response\n

I can’t find any other helpful information. Anyone have ideas on what I might be doing wrong? Or perhaps point me in a direction that will provide additional information on what exactly is failing?

Thanks,
Mark

tyf · December 7, 2023, 12:42am

Hello @mkochco welcome to the community!

I’d need to test your code to see if I can reproduce the error, but first wanted to clarify the need for permissions in the scope claim. Is there a particular reason you are going this route as opposed to just utilizing the permissions claim through RBAC?

Let us know!

tyf · December 22, 2023, 11:37pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.