General Questions about RBAC and Applications

Hi there

I’m fairly new to auth0 and was trying the sample applications with Java Spring. As I checked out, there are two different approaches: Spring Security for Backend and Java Spring Boot.

My company has many applications (all of them client/server), both internal and external ones for customers. With a centralized SSO via Auth0, we add then users via AD or database and assign them permissions/roles for the respective applications. As far as I can see, I need one API per Application, is that correct?

My plan is to use Spring Security and use annotations for every action, as this is described in the Spring Backend tutorial.

I first checked out the frontend Spring Boot sample and added

audience: http://localhost:8080/api (which is my API that contains roles with the logged in User)

to my application.yml - in order to get back the roles of a user, but with no success.

I’m a bit unsure - what’s the difference between the sample with backend and frontend? Can Auth0 fulfill my needs?

Please delete this question. We moved over to KeyCloack and think it suits our needs better.

1 Like

Thanks for letting us know. Closing this then.