Hi there. I have a NextJS project, and due to some reasons, I’m implementing an API in this NextJS instead of some external app.
I need to work with user permissions in this API endpoints, but am I even able to do that? Looking at the docs and some forum topics, it seems like auth0 treats NextJS apps only as a client app, and not as an API.
What options do I have to make permissions available in my project?
Hi @vt222_rtyu,
Welcome to the Auth0 Community !
Firstly, your NextJS application is treated by Auth0 as a Regular Web Application, not as an API. However you can register a custom API in the Auth0 Dashboard and call it from your application. You can follow this guideline on how to integrate your NextJS app within Auth0, that also includes step by step documentation on how to call a Protected API resource.
This would be the way to accomplish getting user permissions on the server side if you want to use Role-Based Access Control, so you can assign permissions to users directly, or based on their role. You can also check out the Manage Role-Based Access Control Permissions documentation.
Then you can make a call to the Management API on the GET /v2/users/{id}/permissions endpoint in your app to access them.
I hope this helps!
Thanks,
Remus