Auth0 Home Blog Docs

How to model entity relationships when user identities are managed by Auth0?

architecture

#1

Can someone explain to me how model relationships work with an external service provider like Auth0?

Imagine that a user has posts, a profile etc. Normally an user has one profile, and an user has many posts.
How do I need to handle this with an external service? Linking posts and user profile?


#2

The Auth0 external service can be used as a way to manage the user identities from the point of view of authentication and authorization; the business logic and data can and should stay located in your application and associated storage.

You would then proceed to model your business relationships as normal and as required; the only difference would be that you would not be including any user identity related models (think username/password related stuff or social authentication data) as those would be handled by Auth0. In summary, your database would use a user identifier to associate user data to a given user identity managed by Auth0; every user identity managed by Auth0 is assigned a unique identifier so that would be your first choice to use as the way to link user identities in Auth0 to business data.

For example:

 UserIdentity :: Managed by Auth0
   - user_id
 
 =========| the user_id bridges the gap between Auth0 and YourApp |========
   
 UserProfile :: Managed by YourApp
   - auth0_user_id
   - yourapp_user_id
   - (other profile data specific to your application)
 Posts :: Managed by Your App
   - post_id
   - yourapp_user_id
   - (other post data)

#3

I am building an API with rails, What is the best way to accomplish creating a user profile and setting the auth0_user_id? What is the user flow after creating a user on the auth0 dashboard?


#4

Hi, I don’t use Rails but the flow can be the same: I use a rule to save my app internal user Id in Auth0’s profile (I also store auth0’s user id in my app DB, but this is not strictly required). On each login, I use a rule to check if a custom property is set in auth0’s user app metadata. If yes, I use the value as Id for my user and explicitly set it in the generated token. If not set, I call my API to create/get the user, and save the obtained Id property in auth0’s profile.


#5