Greetings community, I have many doubts about how to work the Role-Based Access Control approach in SPA applications, I have the following scenario: implement authentication to my SPA as is the quick start of oauth2, investigate that for roles I must use this extension “Auth0 Authorization” but my question is how by adding roles and permissions I can read this in my SPA to save that user state.
I understand you have some questions regarding Role-Base Access Control (RBAC). I’d be happy to help.
First, I’d like to inform you that the Auth0 Authorization Extension will eventually be deprecated. Given that, I strongly recommend you use the Authorization Core to implement RBAC.
Using the Authorization Core will improve scalability and performance.