If I assign a user a role of “Support” and that user logs into an organization, will they have the “Support” permissions, or do I also need to assign that user the role of “Support” in the organization?
Hello @roboncode welcome to the community!
You’ll need to assign the role from within the Organization itself - For example, if you assign the a role directly, use an Action (below) to add it to a token, but the user authorizes through an Organization the role will not be reflected. It will however be reflected in the token if the role is instead assigned to the user from within the Organization settings.
exports.onExecutePostLogin = async (event, api) => {
const namespace = 'https://my-app.example.com';
if (event.authorization) {
api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
}
}
Hope this helps!
1 Like
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.