We have users who can be assigned to multiple Auth0 organisations. Under these organisations they can have different permissions setup depending on the role chosen at the point of invitation.
For our application, we need to answer a seemingly simple question of “What permissions does this user have in a given organisation?”
Unfortunately looking though the documentation there’s no simple way of answering this question at the moment without a series of separate Management API requests.
I was hoping that the Get User Permissions API would return a list of permissions derived from the organisation, and the
source property for each permission would be the organisation that they’re a member of.
The way we’re having to do it currently is:
- Get a list of organisations the user has membership in
- For each organisation, get the user’s roles within that organisation
- For each role, get the permissions
As you can imagine this is terribly expensive. Is there another way?