Architecture Sanity Check

Hi,

We are planning on migrating our various systems to Auth0 and need a sanity check of a few things.

The types of systems we have:

  • Internal - used by staff (1 App)
  • B2B - used by trade and our staff (2 Apps)
  • B2C - used by customers and our staff (2 Apps)

So ideally we’d like to centralise all the users into a single database, and then, using roles/rules, change which systems they have permission to access (this helps a lot for the staff since we don’t have to manage the users in 5 different places).

So question 1 is: Is it recommended to keep the users in a single DB or to keep the users in separate Databases, for example:

  1. Staff Database
  2. Trade Database
  3. Customer Database

The various systems are written/run on different platforms, ranging from Node through to WordPress, so considering the vast differences in the architecture of the applications, question 2: are there any early gotchas that we should be mindful of when implementing it?

Question 3: Are roles the right approach to go for restricting what the users can access? As I understand it, I’m going to have to map the roles/permissions from Auth0 back to the individual applications’ roles and line them up that way?

Thanks in advance, and apologies for the probably dumb questions, we just want to make sure we’re approaching this the right way and don’t regret it halfway through :smiley:

Thanks
Ian
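The role mapping asked about in question 3, shown as an added example that is not part of the thread and not Auth0’s own code. It assumes Auth0 roles are delivered to each application in a custom namespaced claim (the constructed name `https://example.com/roles`), that each of the five apps keeps its own local role vocabulary, and that the app IDs and role names in the table are invented for illustration. Signature verification of the token against the tenant’s JWKS is out of scope here and must run before any of this mapping.

```javascript
// Added example: mapping Auth0 roles (carried in a token claim) to the local
// roles of each application. Names below are assumptions, not Auth0 APIs.

const ROLES_CLAIM = 'https://example.com/roles'; // assumed custom claim name

// Per-app table: Auth0 role -> this app's local role. Constructed values.
// Staff appear in every app; trade only in B2B apps; customers only in B2C.
const APP_ROLE_MAP = {
  'internal-portal': { staff: 'admin' },
  'b2b-orders':      { staff: 'admin', trade: 'buyer' },
  'b2b-catalogue':   { staff: 'editor', trade: 'viewer' },
  'b2c-shop':        { staff: 'support', customer: 'shopper' },
  'b2c-account':     { staff: 'support', customer: 'owner' },
};

// Decode a JWT payload WITHOUT verifying it. In a real app the signature and
// audience are verified first (e.g. with express-oauth2-jwt-bearer); this
// helper only shows where the claim lives once verification has passed.
function decodePayload(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Translate the Auth0 roles in the claims to one app's local roles.
// A missing or malformed claim yields no roles, which denies access below.
function mapRoles(claims, appId) {
  const table = APP_ROLE_MAP[appId];
  if (!table) throw new Error(`unknown app: ${appId}`);
  const auth0Roles = Array.isArray(claims[ROLES_CLAIM]) ? claims[ROLES_CLAIM] : [];
  const local = new Set();
  for (const role of auth0Roles) {
    // hasOwnProperty keeps a role named "constructor" or "__proto__" from
    // matching inherited Object members instead of a real table entry.
    if (Object.prototype.hasOwnProperty.call(table, role)) local.add(table[role]);
  }
  return [...local].sort();
}

// Deny by default: a user with no mapped local role gets no access.
function canAccess(claims, appId) {
  return mapRoles(claims, appId).length > 0;
}

// Build an unsigned JWT from a payload, purely to feed decodePayload above.
function makeToken(payload) {
  const b64 = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${b64({ alg: 'none', typ: 'JWT' })}.${b64(payload)}.`;
}

// Demonstration on constructed sample claims.
const tradeUser = { sub: 'auth0|trade-1', [ROLES_CLAIM]: ['trade'] };
console.log('b2b-orders roles:', mapRoles(tradeUser, 'b2b-orders'));       // [ 'buyer' ]
console.log('internal access:', canAccess(tradeUser, 'internal-portal')); // false
```

The deny-by-default shape is the point: an app never trusts an absent claim, and the per-app table means a new Auth0 role grants nothing anywhere until someone deliberately maps it into that app.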

Hi all,

Does anyone have some feedback for me here please?

Thanks
Ian

Hi @ianb

I would have trouble answering your questions in a 1-page post. I’d need to know a LOT more about the different kinds of users, where they are stored, how they are validated. There are TONS of gotchas to be mindful of; without knowing details, it is hard to begin.

Roles are great for defining access, but they have limitations. I’d need to know a lot about the permission framework you need, how you are restricting access, etc.

Sorry for this reply - I wanted you to know that these general questions are really hard to respond to. If you are with a company, I’d recommend Auth0 Professional Services health check offering for this.

John