Assigning security roles during OAuth user creation


I have written an OAuth plugin for Identity Server 3 that is correctly authenticating and logging the user in to our community.

The payload data that I have access to in the plugin additionally includes role names that the user should belong to, which can be easily applied if the user already exists in the community, however, if it is a new user who is first logging in, then they don’t exist and I therefore can’t apply the same logic.

I just wondered if anyone was aware of a method of automatically assigning roles for these new users as part of the creation process or if I am missing something obvious that would allow me to do this?

Note that this is for Community 10.2.