As a part of the user signup I’ve added a rule to set the user role based on a signup query parameter. When I inspect the users profile after signing up, the role is applied. My problem is that the token I receive back from the signup process, does not contain the newly assigned role of the user. …

I think you may be missing the role on first login because the context.authorization object is already created before you have added the role to the user. You will have to manually add the role to the token on first login in addition to adding it via the management API.

Why is roles claim missing after signup?

Get Help

dan.woda July 12, 2021, 7:25pm 3

Hi @erlend,

Can you confirm that there isn’t another rule that is writing over the accessToken object?

Topic		Replies	Views
Custom Claims are not added after initial sign up Get Help custom-claims	3	3921	March 2, 2018
Can't find custom claims in idToken Get Help user-profile , user-management	6	31	March 14, 2025
getSession not retrieving the roles after signing up Get Help login-experience , new-universal-login-experience	4	267	June 9, 2024
Add Authorization Core Role to User object Get Help roles	8	3671	July 15, 2021
Add Roles/Claims to the access token via Login Flow Get Help login-experience , new-universal-login-experience	2	356	April 15, 2024

Why is roles claim missing after signup?

Related topics