Scenario:
We have 2 Auth0 accounts. Call them dev
and prod
. Both accounts have the authorization extension installed.
After setting up some roles and permissions on dev
we used the export/import function in the extension configuration to populate prod
with the same roles and permissions. We manually removed the users
section of the exported JSON (as it was referencing dev
users that did not exist on prod
) and we changes the applicationId
s accordingly too.
A side effect of this is that the roles and permissions on dev
and prod
both have the same id
s. I’m not sure if this is a good thing or a bad thing.
Problem:
We have now done more dev work, and added several roles and permissions to dev
that don’t exist on prod
. prod
however now has relationships between users and roles that don’t exist in dev
. If I was to do the same thing as before, exporting json from dev
and importing into prod
(while stripping all the users) then these existing relationships would be “nuked.” My options seem to be:
- Manually create the new roles/permissions on
prod
in which case they will no longer have the sameid
s asdev
and I will need to add extra configuration to our services. - Export json from both
dev
andprod
and then manually reconcile these somehow before re-importing intoprod
(while hoping that nothing changed onprod
during this process because it will be lost)
Neither of these solutions feels very attractive. Is there something I’m missing or doing incorrectly?