Hello,
I’m new to Auth0 where I’m trying to set up some rules for my API. Essentially, I’m trying to build a timesheet (I was rather shocked when I saw that the example guide for SPA + API was about a timesheet app as well, lol).
Basically, if a user has an `approve:timesheets` permission in their token, I wish to call API endpoint 1, and if it’s a “regular” user (without an `approve:timesheets` permission), call API endpoint 2.
```javascript
// API 2: hours for the logged-in user only
getLoggedInUserAndHours() {
  return axios.get(`${API_URL}/timesheet/user`, { headers: { authorization: `Bearer ${localStorage.access_token}` } })
    .then((response) => {
      return response.data
    })
},
// API 1: all users and their respective timesheets
getAllUsersAndHours() {
  return axios.get(`${API_URL}/timesheets/allusers`, { headers: { authorization: `Bearer ${localStorage.access_token}` } })
    .then((response) => {
      return response.data
    })
},
```
API 1 gets all users and their respective timesheets, whereas API 2 only gets the logged in user’s
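
Added example, not part of the original post: one way to pick between the two paths above from the permission in the access token, alongside the check the API still has to make itself. It assumes the token is a JWT carrying either a `permissions` array or a space-separated `scope` string; `sampleToken`, `hasPermission`, `timesheetPath` and `allUsersStatus` are hypothetical helper names.

```javascript
// Added example. Assumed claim names: "permissions" (array) and "scope" (space-separated string).

// Constructed sample token with a placeholder signature; nothing here verifies it.
function sampleToken(claims) {
  const enc = (o) => btoa(JSON.stringify(o))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.sig`;
}

// Read the payload WITHOUT checking the signature: good enough to pick which
// request the UI sends, never good enough to grant access.
function decodePayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a JWT');
  let b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  b64 = b64.padEnd(b64.length + ((4 - (b64.length % 4)) % 4), '=');
  const bytes = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

function hasPermission(token, permission) {
  let claims;
  try { claims = decodePayload(token) || {}; } catch (e) { return false; }
  const perms = Array.isArray(claims.permissions) ? claims.permissions : [];
  const scopes = typeof claims.scope === 'string' ? claims.scope.split(' ') : [];
  return perms.includes(permission) || scopes.includes(permission);
}

// Client side: choose between the two paths from the post.
function timesheetPath(token) {
  return hasPermission(token, 'approve:timesheets')
    ? '/timesheets/allusers'
    : '/timesheet/user';
}

// API side (hypothetical helper): the check that actually protects the data.
// `verifiedClaims` must come from the API's own signature, issuer and audience
// validation, which is assumed to have run before this is called.
function allUsersStatus(verifiedClaims) {
  const perms = Array.isArray(verifiedClaims.permissions) ? verifiedClaims.permissions : [];
  return perms.includes('approve:timesheets') ? 200 : 403;
}
```

Anything stored in the browser can be edited by the user, so the client-side branch only decides which request to send; the all-users route has to return 403 on its own when the verified token lacks the permission.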