What is the best way to handle Auth0 groups and roles in a Rails app?

I am a dev for a Rails-based web app that is multi-tenant where users manage “businesses” and respond to “tickets.” For instance, a user might be an administrator for Business 1, which allows for a different dashboard, and then, under the same account, they might be a manager for Business 2 and so on… Currently, we are using Rolify to manage roles.

What is the best way to use Auth0’s roles and groups to accomplish this? Somehow, we want to use Auth0’s Authorization Extension to show that a user is a manager of a business, via groups maybe, and then in our database show that a user in the “XYZ Business” group with the role of manager is a manager of “XYZ Business”.

For authorizations for Users using permission policy, you can use The Auth0 Authorization Extension v2, which allows you to configure Groups, Roles and Permissions for your Users by the Authorization Extension dashboard or you can use Authorization Extension API that enables you to:

  • Automate provisioning for your users, roles, groups, and permissions.
  • Query the authorization context of your users in real time

You can read more about this in the following links: