ManyToMany Permissions

Hi all. I have users that are having crossing permissions between each other. For example, the first user can ignore the second user when the second one doesn’t. Couldn’t find an appropriate topic with the solution. I presume “Rules” can do that thing, then I should get the required parameters about users relation from the context in there. Am I right? Should it be custom DB or I can use default to store relations between users?
Appreciate any help;)

Hello @RSalo,

Welcome to the Community.

Rules only run during login, so they can be used to do things like alter a user’s access and ID token, redirect a user to another URL (as long as that URL eventually sends the user back to Auth0 to complete the login flow), query APIs as part of the login process, etc. They can also be used for coarse grained access control but there are definitely better ways to do that.

Storing relationship information probably calls for an external database, possibly something that implements a graph. You could use a Rule to query the relationship DB in order to include the relationship data in a user’s ID token for example. This project from Auth0 might be of interest:

https://sandman-86.herokuapp.com/tutorials/Intro

1 Like

Thanks for helping on this one Mark!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.