I’ve spent the past few days trying to wrap my head around Auth0 and its ability to do authentication and authorisation.
I have an existing project which is a Regular Web Application (Application) that I assume uses the System API (API). Anyhow, I need to add authorisation to this existing system.
My thought was to create a custom API since I found a lot of documentation doing it this way. This allows me to enable RBAC and setup permissions and roles. However, after I set this all up I noticed that I will no longer be using the original Regular Web App which contains all the existing users. By this, I mean how the application originally authenticates.
So my question is, how do I go about enabling authorisation to this existing Regular Web App. Do I keep progressing with the custom API and just create a new API call to get the user’s roles and permissions? Or am I way out of scope.