I would love to get an understanding of how people are handling this currently. Specifically, we’ll have hundreds or thousands of customers, each with their own company divisions. Creating a new Auth0 tenant for each of these companies (and an Auth0 organization for each division within the company) does not seem tenable. They’ll all be accessing the same application and set of APIs.
Thanks @jgleason. Using the example in the post you linked to, are you saying you used a role to represent Brand 1-Accounting and another role to represent Brand 1-Maintenance?
I was trying to use organization because I wanted the user to have different permissions on the same thing. The problem is I can’t switch orgs without completely logging back in since the Auth0 UI stuff doesn’t seem to support it.
Also these are hierarchical so I want to be able to set the permission at the highest level and inherit the lower level permissions. So if I am part of Org A and I am granted a permission (user:write) I am also granted that permissions in the Organization B because it is a child of A.