I am currently evaluating Auth0 for our company, and I have hit a wall that may cause us to be unable to move forward with Auth0. I am hoping that is not the case, hence the post.
Essentially, we have need of some form of anonymous user. We are reducing friction and creating investment by allowing a user to go through a good portion of our flow before asking them to authenticate in any form.
As such, we need a way to identify that user/session and link it to the Auth0 user once they authenticate. Due to the way our auth layer works, we must have a JWT to handle authentication and authorization, even for an anonymous user.
Effectively, what this means is that I need to be able to manually generate a custom JWT with specific claims/roles/userID/etc that the client can use to authenticate until they log in through Auth0 and receive a “real” JWT.
Alternatively, if I could generate some kind of JWT with a unique ID inside it, then provide that to the client, that would also work, I believe. Custom claims aren’t strictly necessary.
Thus far I’ve not been able to find any way to do this with Auth0. Is this possible?