Developing a Secure API with NestJS

Auth0 is amazing, so is NestJS, but it really takes this article to bring the two together. Thanks to this article I have a trusted basis for implementing role-based authorisation, rather than whatever I would have ended up with if I had to work it out myself (not to mention the time for that). I need to understand the security concepts, and want to have control, but I absolutely want the detail abstracted away - which is why I love Auth0.

My only suggestion would be highlighting that, where in the tutorial you’ve manually assigned roles, in a real-world app we can use rules to populate the roles claims (e.g. from a database) on login.

Thank you Dan.
