Good morning,
I’m testing the implementation of Auth0 as SSO for my application and I’m not able to get the parameters of users/email, roles, etc. in the returned token I created for a user. I work in a B2B model where my application is accessed by companies that have internal users with different access to my set of applications. I need this metadata to know which application and which user profile to direct a token to. How do I get this metadata?
Thanks
Hey there @gestaoconfiguracoes welcome to the community!
Can you share a bit more about your approach and which Auth0 SDK(s) you might be using? Are you working with both ID and access tokens currently? What do those tokens look like?
Let us know!
Thanks for the feedback.
My idea is to create each of my clients (companies) as an “Organization” in Auth0 and register all my products. Next, I will register the internal users of these companies, freeing them to access the products that the company has access to. For this, I intend to use the Auth0 authentication token to find out which user is logging in and what tools he has access to, to direct him to the correct URL already authenticated.
The token needs to have some specific metadata: email, roles, profile, etc. Because some features of the tool use this information.
Is this a correct approach?
Hey there @gestaoconfiguracoes sorry for the delayed response, but wanted to get back to this one for future reference.
This does sound like the correct approach - You will most likely want to look into using a combination of RBAC, Organizations, and app/user metadata.
The following docs may be useful as well:
Hope this helps!
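As an added example (not code from the thread or from Auth0 staff), here is one way a post-login Action could place roles, Organization context and selected `app_metadata` into the tokens as namespaced custom claims. The namespace URL and the `allowed_apps` metadata key are assumptions made for illustration.

```javascript
// Added example: Auth0 post-login Action that copies selected profile data
// into namespaced custom claims. NAMESPACE and app_metadata.allowed_apps are
// assumptions for illustration, not values from the thread.
const NAMESPACE = "https://example.com/claims"; // placeholder namespace

// Build the claim set from the Action's event object (pure, so it can be tested).
function buildClaims(event) {
  const user = event.user || {};
  const appMeta = user.app_metadata || {};
  const claims = {
    // Roles assigned through RBAC; empty when none are assigned.
    roles: (event.authorization && event.authorization.roles) || [],
    // Authorization data is read from app_metadata, which end users cannot
    // modify; user_metadata is not used for access decisions here.
    allowed_apps: Array.isArray(appMeta.allowed_apps) ? appMeta.allowed_apps : [],
  };
  // Only assert an email address that has been verified.
  if (user.email && user.email_verified === true) claims.email = user.email;
  // Present only when the login happened in an Organization context.
  if (event.organization) claims.org_name = event.organization.name;
  return claims;
}

const onExecutePostLogin = async (event, api) => {
  for (const [key, value] of Object.entries(buildClaims(event))) {
    api.idToken.setCustomClaim(`${NAMESPACE}/${key}`, value);
    api.accessToken.setCustomClaim(`${NAMESPACE}/${key}`, value);
  }
};

// Auth0 loads the handler from exports; the guard keeps the file runnable elsewhere.
if (typeof exports !== "undefined") exports.onExecutePostLogin = onExecutePostLogin;
```

The receiving application should still validate the token signature, audience and organization before trusting these claims for routing or access decisions.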