I am trying to do the below use case with Auth0.
Our user credentials are in the SQL back end and APIs are there to authenticate the user.
User permissions are in nosql database and we have apis for that as well.
When authenticating the users, I need to pass some additional parameters which will be required by the authorization apis to return the claims properly and embed them in the access token.
A few queries on implementing a solution for this.
- Is it possible to customize the universal login page per application - to get the additional inputs from the user during login which can be used later only for specific applications? (I am assuming going for the custom ui might help, but requires more development)
- Is it possible to pass any additional parameters to the custom connection - login script, apart from username, password and callback function?
- Is it possible to store session parameters anywhere apart from the user object data, global variables, that can be used only for the current user session - that can be referred in the rules that are executed? [or] Is it alright to store such temporary information in the user object data?