How can I set the user's role upon registration? #7328

This discussion has been migrated from our Github Discussion #7328

EKarpinsky140d ago

I have 2 authenticated roles: Role A and Role B. How can I let the user choose which role he is and set it upon registration?


Responses to the discussion on Github

EKarpinsky139d ago


SOLVED: You have to change the register function that comes with Strapi, now located in the ‘node_modules’ directory. Create a new file “Auth.js” in /extensions/controllers (you will have to create the controllers directory as well). In that Auth.js file, copy paste the register function from ‘node_modules/strapi-plugin-users-permissions’, as well as the consts at the top such as lodash, and edit the role declaration into the following line:

const role = await strapi.query(‘role’, ‘users-permissions’).findOne({id:}, []);

Quite the long approach, so hopefully Strapi will release an easier way of specifying role id on register, instead of just using the default one.

lauriejim139d ago


Thank you for this answer, got a lot of this question. We will probably have to reference that somewhere

EKarpinsky139d ago


My pleasure! Was bugging me since yesterday and even Google had a tough one with this!

derrickmehaffy139d ago


Quite the long approach, so hopefully Strapi will release an easier way of specifying role id on register, instead of just using the default one.

Previously our stance on this has been it can be a security risk so we generally advise against allowing the user to pick their role. I know this isn’t always the case for all users but in the few that I have seen it would have been a pretty major security risk. My suggestion in the past was to register them under the default and then via either an automated review process or manual review to then reassign their role after that.

Either way thank you for the solution you found :slight_smile:

abbeyseto116d ago

Thanks, @EKarpinsky for this solution.

I really needed this feature and was happy this helped me.

Just a point to note, putting the logic in **/extensions/controllers/Auth.js**, the custom roles logic doesn’t work. The default logic from the node_modules was still called. To correct this i tried:


and this worked perfectly.

1 Like

This seems like a “wrong question” The roles are allowing the application to categorize users in the process of authentication - and allow / disallow authenticated users (a process called authorization) certain privileges. A trivial and often used example is the classification of users into three groups (bronze silver and gold) based on the subscription price. If the user is able to select his role, the classification becomes meaningless

@adriatic this discussion is quite old and predates our RBAC feature, the role the user is talking about is from the users-permissions plugin and doesn’t depend on any license.

I migrated it from GitHub Discussions as we are shutting our GitHub Discussions down this week.

Thanks for the explanation Derrick :smiley:

I try to use this solution but when i make a mutation I get an error

i dont know what am i doing wrong

i copied the file from “node_modules\strapi-plugin-users-permissions\controllers\Auth.js”

and pasted it here “extensions\users-permissions\controllers\Auth.js”

and edited the declaration of role, but now i have an error while making a mutation in graphql