Microsoft Entra ID App Roles & Better-Auth
Thank you for the tool.
My tool/framework stack is the following:
- SvelteKit
- Drizzle-ORM
- Better-Auth
- Microsoft Azure Entra ID
Goal: Use OAuth from Microsoft Azure Entra ID to sign in the user, receive their roles set up in the App Roles in Azure, and store the roles in a bridge table.
Setup
Besides the automatically created
-
- Columns:
- Used for storing the roles obtained from Microsoft Azure Entra ID users.
-
- Columns:
- used to map users to roles and vice versa.
I'm creating these tables due to the fact that a user may have more than one role. In the case of only one role extending the
I also use
Desired Result
What I'd like is when the user is signed-in using Microsoft, their role from Azure App Roles is obtained and the following occurs:
- If it's their first time logging in, their roles are saved to the
- If it's not their first time logging in, simply obtain their role from the
Attempted Solutions:
- Database before hook
- Can receive the roles that were setup in App Roles in Azure, but since the user doesn't have an ID yet (not inserted into the user table), the entry cannot be inserted into the user_role table.
- Database after hook
- Can have the user ID but the roles are not available since the user schema does not have a role column.
- Before & After hooks
-
I would appreciate any help. Design suggestions are also welcome. Thank you very much!
My tool/framework stack is the following:
- SvelteKit
- Drizzle-ORM
- Better-Auth
- Microsoft Azure Entra ID
Goal: Use OAuth from Microsoft Azure Entra ID to sign in the user, receive their roles set up in the App Roles in Azure, and store the roles in a bridge table.
Setup
Besides the automatically created
user-
role- Columns:
idname- Used for storing the roles obtained from Microsoft Azure Entra ID users.
-
user_role- Columns:
user_idrole_id- used to map users to roles and vice versa.
I'm creating these tables due to the fact that a user may have more than one role. In the case of only one role extending the
userI also use
mapProfileToUserbetterAuthDesired Result
What I'd like is when the user is signed-in using Microsoft, their role from Azure App Roles is obtained and the following occurs:
- If it's their first time logging in, their roles are saved to the
rolesusersuser_role- If it's not their first time logging in, simply obtain their role from the
user_roleAttempted Solutions:
- Database before hook
- Can receive the roles that were setup in App Roles in Azure, but since the user doesn't have an ID yet (not inserted into the user table), the entry cannot be inserted into the user_role table.
- Database after hook
- Can have the user ID but the roles are not available since the user schema does not have a role column.
- Before & After hooks
-
createAuthMiddleWare/sign-in/socialsI would appreciate any help. Design suggestions are also welcome. Thank you very much!
Was this page helpful?
