I am trying to find a solution to our situation. There are a few threads that are close and other says “rule has been depreciated” so I thought I would create a new thread to specifically find an answer.
We are performing a feasibility study looking to implement Auth0 as our identity provider and our implementation will observe clean architecture.
We have a .net core c#, entity framework, backend with react frontend. We have 1000s of members.
Our applicant and member database will remain on our backend to observe clean architecture.
We want to use a third party identity provider to take advantage of multi tier authentication and the latest security protections.
How we envisage our system to work is an applicant will complete our registration form, once the registration process is complete we plan to use the machine to machine api to create an auth0 account and request the applicant to identify themselves.
How will auth0 know who is identifying themselves for which account? Can we temporarily link an Auth0 account to a sessionID until they have identified themselves?
What are the options available to us?
How do experts familiar with Auth0 achieve this process?
ps, whilst creating a new thread a list of ‘similar’ topics is listed but I could not click on them to view.