Best practice for FE to show/hide links based on permissions

janetsmith2000 · September 7, 2020, 8:04pm

What’s the best practice for showing links/button based on permissions?

I have 2 choices:

Filter the items at BE, and pass back the json to FE to render. FE has no knowledge about the permission. However, sometime the menu items/button contains links to another FE url, that means BE needs to have knowledge of FE.
FE filter the links based on Roles (I can’t retrieve the permissions in FE, only can get Roles). That means user can inspect the roles in Javascript.

What is the general practice for this?

dan.woda · September 8, 2020, 8:52pm

You can add the roles to the token then conditionally render UI based on that. That is typically the guidance for this type of thing.

system · September 23, 2020, 8:52pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
NextJS - show/hide component in front end based on permission Help apis , application	2	2071	September 12, 2024
When roles are not enough client-side, best practices to get permissions? Help management-api , roles	1	249	May 10, 2024
Conditional Rendering based on User Metadata Help user-profile , user-management	4	1740	January 4, 2023
Get user permissions in React SDK Help auth0 , react	2	4756	December 22, 2021
Proper way to check for roles/permissions on nextjs backend Help apis , application	4	4103	January 5, 2023