How can user x and a role to user y?

In my application, there are multiple roles. What is the best way to add following functionality?

After user y registrates as an employee, he needs to be added with a specific role.
How can user x (the boss) assign a role to user y(the employee)
What I thought, is that the boss has scope (assing:roles) and then he calls my custom api and I then call the management api from auth0. Is this the right way?

Hi @ibi,

Yes, the way you describe makes sense. You just need to have a trusted client like a backend API that calls the management API.

You could also use a role for the boss, like an admin role for instance.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.