I’m relatively new to Auth0 and would like some confirmation that I understand this correctly!
At the moment I am building a Mongodb/Express/Angular/Node SPA that uses auth0 to authenticate users. I have successfully followed the tutorial here: https://auth0.com/blog/real-world-angular-series-part-1/ and setup routes with roles stored in the app_metadata for each user + used the JWT as middleware on routes on my backend.
Here’s where I get lost. In the above tutorial, there’s no need for the admin user to manage the other users. However, in my application, I would like the admin to be able to view all the users, and if needed create new users/delete old users from the app. I would also like users to be able to add additional information about themselves such as a bio or address.
From my understanding in order to achieve this I need to store additional user information in user_metadata and use the Management API via my node backend to achieve this, but I can’t seem to get my head around whether this is correct or not. The other option seems to be the less correct storage of additional user data on a local database and link it to the user_id, but this doesn’t answer how an admin user on my app can add/remove other users.
Does anyone know any good reading resources for this or even an example application which I can peruse to learn more?