I have a simple To-Do mobile application in Xamarin .NET using Auth0 authentication and it is consuming an ASP.NET CORE Web API using Auth0 authorization.
Every user who registers in my application get a “space” where they can create their own To-Do lists.
All users who are logged in have the possibility to search for “spaces” but can not see the To-Do lists within the space.
I want to have a button on the “space” description page saying “Ask for rights?” which should send a request to the owner of that space that allows the user access to the To-Do lists of that space.
How can I implement such a role/group/claim based solution?