I’m trying to add a custom claim to my Auth0 API but I am struggling to understand the documentation on this. Let me explain what I would like to do:
I want to add a simple integer claim called DatabaseId. When the user logs in on the front end using the stock Auth0 login screen, the front end will redirect him to a screen where he can choose which database he wants to log into (a user can have access to many databases). Once he picks a database, I want to save the selected database ID as part of the access token, so that every time the front end performs a request on the Web API, it sends along (within the access token) the chosen database ID. The Web API controller actions will then be able to read this database ID off the access token, and know which database to perform the various database queries against.
I was going to save the user’s chosen database in a global variable in my Web API (a dictionary of type ) but someone told me that global variables are a bad idea, and I should rather send the chosen database id in the access token with every API call.
So I’m guessing I need to add a custom claim in Auth0 for the API? Then once the user logs in, and selects which database he wishes to connect to, my Web API can programatically set the selected database id using Auth0’s Management API? Then all further calls to the Web API by the front end should include the selected database ID in the access token? Is my logic correct or am I completely lost?