Create a client and api following auth0 wordpress docs, https://auth0.com/docs/cms/wordpress/configuration
- Add the
app_metadata
scope to the api. - Add app_metadata to a user
{
"authorization": {
"groups": [
"Admins"
],
"roles": [],
"permissions": []
}
}
- Create a rule
function (user, context, callback) {
// copy user metadata value in id_token
context.idToken.authorization = user.app_metadata.authorization;
callback(null, user, context);
}
- Add filter to wordpress to parse metadata before login, https://www.diycode.cc/projects/auth0/wp-auth0?sync=1
add_action('auth0_user_login', function($user_id, $user_profile, $is_new) {
if(isset($user_profile->authorization)) {
if(in_array('Admins', $user_profile->authorization->groups)) {
wp_update_user(array(
'ID' => $user_id,
'role' => 'administrator'
));
}
}
}, 0, 3);