Auth0 Home Blog Docs

How to model entity relationships when user identities are managed by Auth0?



Can someone explain to me how model relationships work with an external service provider like Auth0?

Imagine that a user has posts, a profile etc. Normally an user has one profile, and an user has many posts.
How do I need to handle this with an external service? Linking posts and user profile?


The Auth0 external service can be used as a way to manage the user identities from the point of view of authentication and authorization; the business logic and data can and should stay located in your application and associated storage.

You would then proceed to model your business relationships as normal and as required; the only difference would be that you would not be including any user identity related models (think username/password related stuff or social authentication data) as those would be handled by Auth0. In summary, your database would use a user identifier to associate user data to a given user identity managed by Auth0; every user identity managed by Auth0 is assigned a unique identifier so that would be your first choice to use as the way to link user identities in Auth0 to business data.

For example:

 UserIdentity :: Managed by Auth0
   - user_id
 =========| the user_id bridges the gap between Auth0 and YourApp |========
 UserProfile :: Managed by YourApp
   - auth0_user_id
   - yourapp_user_id
   - (other profile data specific to your application)
 Posts :: Managed by Your App
   - post_id
   - yourapp_user_id
   - (other post data)


I am building an API with rails, What is the best way to accomplish creating a user profile and setting the auth0_user_id? What is the user flow after creating a user on the auth0 dashboard?


Hi, I don’t use Rails but the flow can be the same: I use a rule to save my app internal user Id in Auth0’s profile (I also store auth0’s user id in my app DB, but this is not strictly required). On each login, I use a rule to check if a custom property is set in auth0’s user app metadata. If yes, I use the value as Id for my user and explicitly set it in the generated token. If not set, I call my API to create/get the user, and save the obtained Id property in auth0’s profile.