To synchronize groups from Auth0, you must create a group synchronization application in the Auth0 identity platform.
Creating a Regular Web Application in Auth0
- Log in to Auth0 identity platform and go to Applications > Applications.
- Click Create Application.
- Enter the name of the application.
- In Choose an application type, select Regular Web Applications.
- Click Create.
- Go to the Settings tab and note the following values:
  - Domain – The domain used for authentication. This is common for all your applications.
  - Client ID – The ID of the application.
  - Client Secret – The client secret of the application.
- Go to Advanced settings > Grant Types.
- Make sure that the following grants are selected:
  - Authorization Code
  - Refresh Token
  - Client Credentials
- Go to Applications > APIs.
- Select the API you want your newly created application to access.
- Go to the Machine to Machine Applications tab and find your newly created application. Authorize it, and in Permissions, select read:roles.
Adding user roles into the JWT token
- In Auth0 Identity platform, go to Actions > Library > Custom.
- Click Build Custom.
- Enter the Action name.
- In Trigger, select Login / Post Login.
- In Runtime, select Node 16.
- Click Create.
- An editor will be displayed.
- Copy the code block at the end of this page, paste it in the editor and click Deploy.
- Go to Actions > Flows > Login.
- Drag and drop the newly created Action into the Login flow.
- Click Apply.
```javascript
exports.onExecutePostLogin = async (event, api) => {
  // Namespace prefix for the custom claim; the resulting claim name is "hcp/roles".
  const namespace = 'hcp';
  // event.authorization is only present when the user has roles assigned in Auth0.
  if (event.authorization) {
    api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
  }
};
```
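To see what the Action above actually writes into the tokens before deploying it, here is an added offline harness (not part of this page or of Auth0's SDK) that runs the Action against constructed login events through a minimal stand-in for the `api` object, plus a consumer-side helper that reads the `hcp/roles` claim back defensively. The `makeApiRecorder`, `runAction` and `rolesFromPayload` names and the `event`/`api` shapes are assumptions.

```javascript
// Added example: offline harness for the Post Login Action on this page.
// The `event`/`api` objects imitate only the subset of Auth0's Actions API
// that the Action touches (assumed shape, not Auth0's SDK).
const namespace = 'hcp';

// The Action as written on this page, with the `${namespace}` template expansion.
const onExecutePostLogin = async (event, api) => {
  if (event.authorization) {
    api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles);
  }
};

// Stand-in for Auth0's `api`: records every custom claim per token type.
function makeApiRecorder() {
  const claims = { idToken: {}, accessToken: {} };
  const tokenApi = (target) => ({
    setCustomClaim(name, value) {
      if (typeof name !== 'string' || name === '') throw new TypeError('claim name required');
      claims[target][name] = value;
    },
  });
  return { api: { idToken: tokenApi('idToken'), accessToken: tokenApi('accessToken') }, claims };
}

// Runs the Action for one constructed login event and returns the recorded claims.
async function runAction(event) {
  const { api, claims } = makeApiRecorder();
  await onExecutePostLogin(event, api);
  return claims;
}

// Consumer side (after the token signature has been verified): read the roles
// claim back. Anything that is not an array of strings is treated as "no roles".
function rolesFromPayload(payload, ns = namespace) {
  const value = payload[`${ns}/roles`];
  return Array.isArray(value) && value.every((r) => typeof r === 'string') ? value : [];
}

// Constructed sample events: a user with roles, and a user with no authorization data
// (the Action must then leave both tokens untouched).
const SAMPLE_WITH_ROLES = { authorization: { roles: ['admin', 'viewer'] } };
const SAMPLE_NO_AUTHZ = {};

runAction(SAMPLE_WITH_ROLES).then((claims) => console.log(JSON.stringify(claims)));
```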