We have a use case where the application has projects and users are added to different roles in various projects. For example, Mike is a registered user. He is Project Manager in one project and a Director in another. I want to be able to authorise his actions in the his projects based on the role he holds in it.
How do I model this in Auth0?
Hello @santhosh.sadanandan,
Welcome to the Auth0 Community! Depending on your application architecture you may be able to leverage Auth0’s core authorization feature, but I suspect you may need to build a DIY solution by storing role data in app_metadata. Off the cuff:
"app_metadata": {
"entitlements": {
"project_1": {
"role": "Project Manager"
},
"project_2": {
"role": "Director"
}
}
}
Then use an Auth0 Rule to include entitlements data in the user’s ID and / or access tokens.
Or you could potentially use both … use core RBAC to organize scopes / entitlements and user metadata to store project access data. This might work if, for example, all Project Manager have the same entitlements, but restricted by project.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.