Auth0 implicit grant workflow to grant access to 3rd party API

I want to use Auth0 for Access Control to authenticate users and control user permission in my client side javascript application. I also need to connect to a web-based hosting service for version control (Gitlab, BitBucket) from the client side app. I need some users to have only read access to this 3rd party API and other users to have write access.
I can setup an implicit grant workflow in Gitlab to grant either read(1) or write access(2) for an application. But since I need different users of my application to have different permissions I need the Access Control provided by Auth0.

My question is, Would it be safe to create an implicit grant workflow with Auth0 to authenticate users and based on their scope(permissions) either start the read implicit grant process(1) or write implicit grant process(2) to access the Gitlab API ?

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?