Auth0 Post Login Action AWS SSO SCIM createUser implementation
const axios = require('axios');
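/**
 * Auth0 post-login Action that provisions the user in AWS SSO over SCIM v2.
 *
 * Flow: POST the user to the SCIM /Users endpoint; if the user was created,
 * PATCH the group named by the GROUP_ID secret to add the new user as a
 * member. A 409 on create is treated as "already provisioned" and ends the
 * Action without touching group membership, so a user whose group PATCH
 * failed on an earlier login is not retried here.
 *
 * Secrets read: TENANT_ID, SCIM_ACCESS_TOKEN, GROUP_ID.
 *
 * @param {Event} event - Login event
 * @param {PostLoginAPI} api - Post-login API object; not used by this Action.
 * @returns {Promise<void>}
 * @throws {Error} When a SCIM request fails (any create status >= 400 other
 *   than 409, any failed group PATCH, a timeout or a network error). The
 *   error carries only the step name and the HTTP status or error code.
 */
exports.onExecutePostLogin = async (event, api) => {
  const { TENANT_ID, SCIM_ACCESS_TOKEN, GROUP_ID } = event.secrets;
  const scimBaseUrl = `https://scim.us-west-2.amazonaws.com/${TENANT_ID}/scim/v2`;

  // axios applies no timeout by default; bound each call so a stalled SCIM
  // endpoint cannot hold the login open until the Action runtime gives up.
  const scimTimeoutMs = 5000;
  const requestDefaults = {
    headers: {
      Authorization: `Bearer ${SCIM_ACCESS_TOKEN}`,
    },
    timeout: scimTimeoutMs,
  };

  // An AxiosError keeps the request config, including the Authorization
  // header, and the URL containing TENANT_ID. Replace it with a plain Error
  // so the bearer token cannot end up in whatever logs the thrown error.
  const toSafeError = (step, err) => {
    const detail =
      err && err.response
        ? `HTTP ${err.response.status}`
        : (err && err.code) || 'no response';
    return new Error(`SCIM ${step} failed: ${detail}`);
  };

  // NOTE(review): event.user.email becomes the SCIM userName without any
  // check of event.user.email_verified. Confirm that every connection able
  // to reach this Action only yields verified (or IdP-asserted) addresses;
  // otherwise gate provisioning on that flag.
  console.log(`creating user`);
  let createUserResponse;
  try {
    createUserResponse = await axios.post(
      `${scimBaseUrl}/Users`,
      {
        userName: event.user.email,
        name: {
          familyName: event.user.family_name,
          givenName: event.user.given_name,
        },
        displayName: `${event.user.given_name} ${event.user.family_name}`,
        active: true,
      },
      Object.assign({}, requestDefaults, {
        // 409 (user already exists) is an expected outcome, not an error.
        validateStatus: (status) => status === 409 || status < 400,
      })
    );
  } catch (err) {
    throw toSafeError('user creation', err);
  }

  if (createUserResponse.status === 409) {
    console.log(`User already exists. aborting.`);
    return;
  }

  console.log(`created user`);
  const userId = createUserResponse.data.id;
  console.log(`Assigning ${userId} to group`);

  let assignGroupResponse;
  try {
    assignGroupResponse = await axios.patch(
      `${scimBaseUrl}/Groups/${GROUP_ID}`,
      {
        schemas: ['urn:ietf:params:scim:api:messages:2.0:PatchOp'],
        Operations: [
          {
            op: 'add',
            path: 'members',
            value: [
              {
                value: userId,
              },
            ],
          },
        ],
      },
      requestDefaults
    );
  } catch (err) {
    // The user now exists without the group; later logins take the 409 path
    // and will not repair this, so the failure must surface here.
    throw toSafeError('group assignment', err);
  }

  // Log the status: interpolating the response body prints an empty string
  // or "[object Object]", which says nothing about the outcome.
  console.log(`assignGroupResponse ${assignGroupResponse.status}`);
};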