Unable to getPermissions in Post-Login Action

Using a Post-login action, I’m trying convert user permissions into a scopes field in the access token.

exports.onExecutePostLogin = async (event, api) => {

    const ManagementClient = require('auth0').ManagementClient;
    const management = new ManagementClient({
        domain: event.secrets.domain,
        clientId: event.secrets.clientId,
        clientSecret: event.secrets.clientSecret
    });

    var params = {id: event.user.user_id};
    try {
        const { data: permissions } = await management.users.getPermissions(params);

        console.log(`Permissions for user ${event.user.user_id} = ${JSON.stringify(permissions)}`);

        permissions.forEach(function (obj) {
            console.log(`Adding ${obj.permission_name} to accessToken scope`);
            api.accessToken.addScope(obj.permission_name);
        });
        
    } catch (err) {
        console.log(`Error getting permissions for user ${event.user.user_id}: ${err}`);
    }
}

When the action executes the call to managment.users.getPermissions errors out with

FetchError: The request failed and the interceptors did not return an alternative response\n

I can’t find any other helpful information. Anyone have ideas on what I might be doing wrong? Or perhaps point me in a direction that will provide additional information on what exactly is failing?

Thanks,
Mark

Hello @mkochco welcome to the community!

I’d need to test your code to see if I can reproduce the error, but first wanted to clarify the need for permissions in the scope claim. Is there a particular reason you are going this route as opposed to just utilizing the permissions claim through RBAC?

Let us know!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.