function (user, context, callback) {
  // TODO: implement your rule 
  
  var _ = require('lodash');
  var EXTENSION_URL = "https://dev-wvhl4zor.us.webtask.run/adf6e2f2b84784b57522e3b19dfc9201";

  var audience = '';
  audience = audience || (context.request && context.request.query && context.request.query.audience);
  if (audience === 'urn:auth0-authz-api') {
    return callback(new UnauthorizedError('no_end_users'));
  }

  audience = audience || (context.request && context.request.body && context.request.body.audience);
  if (audience === 'urn:auth0-authz-api') {
    return callback(new UnauthorizedError('no_end_users'));
  }

  getPolicy(user, context, function(err, res, data) {
    if (err) {
      console.log('Error from Authorization Extension:', err);
      return callback(new UnauthorizedError('Authorization Extension: ' + err.message));
    }
 
    if (res.statusCode !== 200) {
      console.log('Error from Authorization Extension:', res.body || res.statusCode);
      return callback(
        new UnauthorizedError('Authorization Extension: ' + ((res.body && (res.body.message || res.body) || res.statusCode)))
 )};

  //   Update the user object
  user.grant_types = data.grant_types;
  const namespace = 'https://wuglm.progress.com/claim/';
  context.idToken[namespace + 'grant_types'] = user.grant_types;
  context.accessToken[namespace + 'grant_types'] = user.grant_types;
  
  grant_types: 
	"password","http://auth0.com/oauth/grant-type/password-realm";
   
   // Store this in the user profile (app_metadata).
   saveToMetadata(user.grant_types, function(err) {
   return callback(err, user, context);
   });
                  
   function saveToMetadata(user.grant_types, cb) {
    user.app_metadata = user.app_metadata || {};
    user.app_metadata.authorization = {
    grant_types: passowrd-realm,
    };    
}