in the token, it already returns to me the role and the permissions, but I can’t understand how in the code, both in angle and in node, to be able to tell the components or the endpoint that that user can have access or not, it will be that someone has a practical example with which I can orientate myself, for
Welcome and thank you for posting in Auth0 Community! @jorge
Most of RBAC is implemented with regard to the API and in your Dashboard.
Essentially, you create roles with permissions and assign them to users in the Dashboard. These permissions are specific to an API, in which you will enable RBAC. The permissions can come back as part of the access token if you choose. You can also add or read roles using Rules. From there, in the Angular app, you’ll just get those roles from the payload that comes back from Auth0 and use them in your app.
Here are some relevant docs for you:
- RBAC overview
- Steps for Configuring Core RBAC
- Enable RBAC in APIs
- Sample Use Cases of RBAC
- Article on RBAC and React (still a good reference for using roles in a UI despite not being Angular)
Let me know if that helps!