If I’m actively using auth0 to manage auth to a live site, could enabling RBAC somehow break the live site? And what does flipping the switch actually do, technically speaking?
If you care to expand I’d love more details on what the description for the enable rbac toggle means:
If this setting is enabled, RBAC authorization policies will be enforced for this API. Role and permission assignments will be evaluated during the login transaction.
For context I want to enable RBAC so I have access to roles in my rules: Sample Use Cases: Rules with Authorization