We’re currently in the process of testing Auth0 and wondered if anyone could shed light on the following queries please?
1. With regard to the built-in databases (stored in Auth0 itself): are there any limitations or performance issues using the built-in Auth0 user database, or is it best practice to use our own (possibly Azure SQL eg…) for user accounts?
2. For Organisations: when inviting users to an organisation, I read that users were created in the User DB (username/password eg) automatically when accepting the invite, but this does not seem to be working. Is this currently working as designed?
3. We’ll be using a mixture of both Connectors and DB’s… What’s the general preference for user information? Do people shy away from SQL/Auth0 User Databases and use Enterprise AD, ADLDS, Azure connectors instead? We aren’t using social media connectors at this stage.
4. Any example JSON for a user import using the user import/export extension please?
I’m sure I have a few more, but that’ll do for starters! Thanks!
1.) Using the built-in Database connections is normally more performant, as all the data is in Auth0 and does not need external calls during authentication. However, we normally recommend that you only store data that is relevant for the purposes of Authentication or Authorization in the Auth0 user store. Other data about the users, such as their order history etc., would be best kept on your own local databases, linked via associating it with the user’s Auth0 User_id.
Having to execute a user search every time to obtain those kinds of details, or cram the information into tokens, could cause issues with performance / rate limits.
You may want to also review the best practice and architecture scenario documentation:
2.) If the user is not already in your store they would need to sign up still, the invitation will just ensure they are assigned to the right organization and optionally roles too upon creating their account.
3.) I think this mainly depends on your use case and possible sources of users. If you are working with other businesses and their employees/users primarily, you will likely use Enterprise connections more. If your end-users are just members of the public, then Auth0 Database and Social Media connections are more common, with the latter providing as little barrier to entry as possible as most users will already have a Social account and can utilise SSO, whereas a Database connection would allow you to control who signed up via Hooks/Actions, or even invite-only flows:
Quick follow-up on Organizations. One of the Apps team is getting a warning when trying to enable ‘Organizations’ for their App. Basically saying that certain Grant types are not supported when the app is accessed by team members of Organizations.
Do you know whether this works (and isn’t supported), doesn’t work OR whether it simply isn’t recommended and hence is unsupported?