How to assign roles/scopes in the post_auth_hook

I am using GenericOAuthenticator along with a OIDC provider (OIDCP) to provide authentication. I want to implement Authorization based on the scopes and role defined in my OIDCP. I am able to get the auth_state in the pre_auth_hook , i want to be able to use that data to hit the OIDCP API to fetch the user data and then set the roles and scopes defined in the OIDCP.
Currently i was setting the roles/scopes by using c.JupyterHub.load_roles in post_auth_hook but the user is not getting the desired access. Any help is really appreciated !

Changing c.JupyterHub.load_roles on runtime has no effect. I think what you may want is the authenticator-managed roles which were added for JupyterHub 5.0 (not yet released, currently in beta), see

1 Like

ohk. Thanks for the info.
Is there any work around that you might know to add new roles or scopes on runtime?

You can test the beta:

1 Like