Hi everyone,
I’m building a customer API where merchants can create orders, transactions, etc.
I would like each customer to be able to submit requests to my backend, but I’m able to convey certain metadata to my backend, in particular, the customer ID on my end so that all requests are created/retrieved for that specific merchant.
How can I accomplish this? Any ideas?
Thanks,
Alejandro
Hi @a.pinzon,
Related to your post here: Multiple users for Machine to Machine applications - #3 by a.pinzon there might be a couple of ways to do this.
You can add properties to an id token for a user via Auth0 Actions: Auth0 Actions. During the login flow, you can validate the properties on the id token.
Alternatively, if your customers are requesting an access token to then hit your API, you could add scopes (permissions) with required metadata to the token to verify the correct merchant: Scopes.
Thanks for sharing that with the rest of community!