I have a requirement where my services are scoped under organisations and projects.
Example -
Service - Dashboard API
I want to implement RBAC where a user in (project 1) has access to Dashboard API and the same user may or may not have access to Dashboard API in (project 2).
Similarly, one user can also belong to multiple organisations but may have different access scopes for the same set of services.
Auth0’s multi-tenancy could solve my problem at an organisation level. But I don’t see how I can leverage Auth0’s RBAC for my specific needs.
Can you guide me on the best way to tackle this problem?