Here are things that I still not clear about, after 3 weeks researching auth0
-
What’s the relationship between and Application and API
-
What’s the difference between scope and permissions
-
What’s the point of creating a SPA app in this page? Auth0 Configuration (SPAs + API).
Because I see that another M2M app will be created automatically after creating an API, I have no idea why we have to create this. And then of course, I wonder how these 2 apps would connect to each other?
In the next step, API and SPA Configuration (SPAs + API), the docs tells me to input clientId, but currently I have SPA and M2M app, which clientId should I input there. -
I think there should be a better document for troubleshooting, with symptom, and solution. In my case, I installed Authorization extension, and cannot get user’s ‘roles’, and ‘permissions’, while ‘groups’ work fine. I cannot find any docs that could solve my problem, also not understanding the root cause.
-
What would happen if the name of permission in Authorization extension doesn’t match the scope name in API?