After reading the documentation, I can’t figure out if my use case is possible with Auth0 :
We develop a SPA (React.js) for backoffice identified users (regular accounts) + hundreds of occasional sub-contractors with limited permissions (access to only few screens)
What we would like to do about subcontractors :
- in a backoffice screen, the manager enter the e-mail of a contractor who will perform the work (the account doesn’t exist yet)
- A passwordless link is generated using the auth0 API and we send it via e-mail to the contractor.
- When the contractor clicks on the magic link from his mailbox, his account is created automatically with a default role (‘contractor’ for instance). This role maps limited permissions we check in our app.
- The link is invalidated after few days and ideally, the account is dropped automatically from Auth0 to avoid polluting the admin console (there’s few chance we work again with the same contractor anyway)
What do you think ?