I’m build a SaaS platform with the help of auth0 as and IdP provider. Auth0 is great at handling the authentication and authorization aspect for the platform and I’m grateful for that.
I’m exploring the roles and permission section of auth0 and I have read documentation on both the Auth0 Authorization Extension and Authorization Core. Also learned about the differences between them. In my scenario, I’m using the extension until we have migrated our existing systems over. Once migrated I will integrate the Authorization Core because of its benefits for scalability.
I’m trying to understand the possibilities that I can leverage SaaS subscription tier information and metadata with auth0 roles and permissions. In the bigger picture there is an automation aspect that I’d like to implement for enticing customers to purchase higher subscription tiers.
I’m entertaining a couple of options.
- Should I create roles that include permissions information related to tiers in auth0?
- Should I build/buy a CRM system to have SaaS tier info and leave auth0 to handle the RBAC?
- Does auth0 have a CRM-style system I can implement with the RBAC as a stand alone feature?