beewest

Reputation: 4846

auth0: update user roles using v2 api

I can use https://xxx.au.auth0.com/api/v2/ to query and update the user. However, I am not sure how to create roles and assign them to a user.

Any idea please?

Upvotes: 0

Views: 879

Answers (1)

arcseldon

Reputation: 37115

An easy way to do this in Auth0 is with Rules, whereby you add the Roles information to the User Profile app_metadata attribute.

For example, here is a simple example:

function addRolesToUser(user, context, callback) {   

  // ignore this rule if not correct client id of application using Rules 
  if (context.clientID !== 'eTQbNn3qxxxxxxxxxxxL6R7M7MDh') {
    return callback(null, user, context);
  }

  user.app_metadata = user.app_metadata || {};
  user.user_metadata = user.user_metadata || {};

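  // You can add a Role based on what you want
  // In this case I check domain - give gmail ADMIN role
  // The email must be present, verified, and end with the domain;
  // a bare substring match also accepts lookalike addresses
  var addRolesToUser = function (user, cb) {
    if (user.email && user.email_verified && user.email.endsWith('@gmail.com')) {
      cb(null, ['ROLE_ADMIN', 'ROLE_USER']);
    } else {
      cb(null, ['ROLE_USER']);
    }
  };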

  addRolesToUser(user, function (err, roles) {
    if (err) {
      callback(err);
    } else {
      user.app_metadata.roles = roles;
      auth0.users.updateAppMetadata(user.user_id, user.app_metadata)
        .then(function () {
          callback(null, user, context);
        })
        .catch(function (err) {
          callback(err);
        });
    }
  });
}

The Roles are now part of the User Profile and available in the app_metadata for inspection. If you additionally want the Roles information to appear in the returned JWT ID Token, just add the roles scope to your authentication request.

Upvotes: 1
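
The role decision inside a rule like the one above grants ROLE_ADMIN from an email string, so it is worth testing on its own before it is pasted into Auth0. The following is an added example, not part of the original answer: it compares a substring match with a verified, exact-domain match over constructed profiles. The function names, `ADMIN_DOMAIN` and the sample users are assumptions made for illustration.

```javascript
// Added example: role decision for an Auth0 rule, testable outside Auth0.
// ADMIN_DOMAIN mirrors the answer's gmail.com check; function names are hypothetical.
const ADMIN_DOMAIN = 'gmail.com';

// Substring match: true for any address that merely contains "@gmail.com",
// whether or not the address has been verified.
function rolesBySubstring(user) {
  const email = user.email || '';
  return email.indexOf('@' + ADMIN_DOMAIN) > -1
    ? ['ROLE_ADMIN', 'ROLE_USER']
    : ['ROLE_USER'];
}

// Hardened: the address must be verified, and its domain (the part after
// the last "@") must equal ADMIN_DOMAIN exactly, compared case-insensitively.
function rolesByVerifiedDomain(user) {
  const email = typeof user.email === 'string' ? user.email.trim().toLowerCase() : '';
  const at = email.lastIndexOf('@');
  const domain = at > 0 ? email.slice(at + 1) : '';
  const isAdmin = user.email_verified === true && domain === ADMIN_DOMAIN;
  return isAdmin ? ['ROLE_ADMIN', 'ROLE_USER'] : ['ROLE_USER'];
}

// Constructed sample profiles (not real users).
const samples = [
  { name: 'verified', user: { email: 'alice@gmail.com', email_verified: true } },
  { name: 'unverified', user: { email: 'bob@gmail.com', email_verified: false } },
  { name: 'lookalike', user: { email: 'carol@gmail.com.example.net', email_verified: true } },
  { name: 'no-email', user: {} },
];

// Returns the names of the samples where the two checks disagree on ROLE_ADMIN.
function disagreements() {
  return samples
    .filter(({ user }) =>
      rolesBySubstring(user).includes('ROLE_ADMIN') !==
      rolesByVerifiedDomain(user).includes('ROLE_ADMIN'))
    .map(({ name }) => name);
}

console.log(disagreements());
```
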
