Delegated Administration: Filter Hook

By default, users with the Delegated Admin - User role see all users associated with the Auth0 account. However, you can filter the data users see using the Filter Hook.

Hook contract

  • ctx: Context object.

  • callback(error, query): Callback to which you can return an error or the Lucene query used when filtering the users. The extension will send this query to the Get Users endpoint of the Management API.

To learn more about the Lucene query, review User Search Query Syntax.

Sample use

If Kelly manages the Finance department, she should see only the users who are also part of the Finance department. The Hook below filters users by the department of the current user (in this case, the current user is Kelly and the department is Finance).

function(ctx, callback) {
  // Get the department from the current user's metadata.
  var department = ctx.request.user.app_metadata && ctx.request.user.app_metadata.department;
  if (!department || !department.length) {
    return callback(new Error('The current user is not part of any department.'));
  }

  // The IT department can see all users.
  if (department === 'IT') {
    return callback();
  }

  // Return the lucene query.
  return callback(null, 'app_metadata.department:"' + department + '"');
}


Search engine override

You can override the default search engine by specifying your choice in the response.

// Return the lucene query.
return callback(null, { query: 'app_metadata.department:"' + department + '"', searchEngine: 'v2' });


Notes

Do not use single quotes, double quotes, or any other special characters (such as + or -) in terms on which you'll want to filter. This may cause issues with the Lucene query.

If you use multiple operators like OR, NOT, or AND, wrap those search parameters in parentheses [()] to make clear which operator applies to which terms.

If you do not configure this Hook, the search returns all users.
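The note above about quotes and special characters can be enforced inside the Hook, so that a metadata value that does not fit returns an error rather than a malformed or broader query. The following is an added example, not part of the original Auth0 documentation; `SAFE_TERM`, `UNRESTRICTED`, `buildDepartmentQuery`, the `filterHook` name and the allowed character set are assumptions made for illustration.

```javascript
// Assumption: a department is 1-64 letters, digits, spaces or underscores.
var SAFE_TERM = /^[A-Za-z0-9_ ]{1,64}$/;
// Departments that see every user, as 'IT' does in the sample above.
var UNRESTRICTED = ['IT'];

// Hypothetical helper: build the filter for one department, or throw.
function buildDepartmentQuery(department) {
  if (typeof department !== 'string' || !SAFE_TERM.test(department)) {
    throw new Error('Department is not a valid filter term.');
  }
  return 'app_metadata.department:"' + department + '"';
}

// Named here so it runs stand-alone; the extension takes function(ctx, callback).
function filterHook(ctx, callback) {
  var user = (ctx && ctx.request && ctx.request.user) || {};
  var department = user.app_metadata && user.app_metadata.department;
  if (typeof department !== 'string' || !department.length) {
    return callback(new Error('The current user is not part of any department.'));
  }
  if (UNRESTRICTED.indexOf(department) !== -1) {
    return callback(); // no query: the search returns all users
  }
  try {
    return callback(null, buildDepartmentQuery(department));
  } catch (err) {
    return callback(err); // fail closed: an error, never an unfiltered search
  }
}

// Constructed sample values, including one with a character the notes warn about.
['Finance', 'IT', 'R+D'].forEach(function (dept) {
  var ctx = { request: { user: { app_metadata: { department: dept } } } };
  filterHook(ctx, function (err, query) {
    console.log(dept, '->', err ? 'error: ' + err.message : (query || '(no filter)'));
  });
});
```

Only the explicitly listed departments reach the `callback()` branch that returns every user; any other value either produces a quoted single-department filter or an error.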
