New auth0 accounts not getting added to permission group

[hannahkates]

Who’s experiencing this?

All new users who create accounts on CPP.

How does it manifest?

The user can successfully create an account (it shows up in auth0), but when trying to login they get redirected to CPP with a blank page because of an invalid token error. This prevents them from accessing the logged in view of CPP.

Why?

New accounts aren’t getting automatically added to the necessary permission “group” to be able to access the non-public routes. Users should be added the group called "Sitewide Access."

The group permission management is handled under Authorization -> Users.

It seems like something is wrong with our configuration. This might have something do with our version of Authorization Extension being out of date (ours = 2.0, latest = 2.8). There are breaking changes for upgrading, so we would need to dedicate time to the upgrade. https://auth0.com/docs/extensions/authorization-extension/v2

The extension in Auth0 is managed under Extensions -> Installed Extensions -> Auth0 Authorization.

Potential solutions

• Fix the configuration and probably upgrade the Authorization Extension
• Implement NYC.ID instead?

Workaround in the meantime

Manually add new users to the "Sitewide Access" group in the Auth0 admin GUI
How to:

• Login to auth0.com using creds on 1password
• Click on Authorization
• Click on Users
• Click on the specific user who needs permission
• Add user to "Sitewide Access" group