We are passing jwt token and its get validated by auth0. In return we are receiving { “permissions”=>“read:abc”], “groups”=>“account”], “roles”=>“external”]} in token.
We are integrating auth0 with knock gem in backend.
How we can further proceed with role, permission and group in rails.
Based on their documentation Knock performs the verification of the JWT and trigger the availability of a user entity based on the token payload.
By default, Knock assumes the payload as a subject (
sub) claim containing the entity’s id and callsfindon the model.
However, you can override that behavior by implementing a from_token_payload method that would allow you to create the user entity based on the full payload of the token which would mean you could create a user entity containing the permission, groups and roles contained in the token.
Given the user entity would then be available on authenticated routes you could then implement your access control by checking the current_user on each route.