Question about roles

kkrp1 · April 28, 2023, 4:21pm

Hi everyone,

I’m new to all this. Am I right that, to use roles (e.g. employee vs. employer) I need to install the Auth0 Authorization extension? I ask just because the docs for that seemed rather long-winded, just to implement something so simple as roles. Would a simpler approach be to just store arbitrary meta on my users, and then implement the “what sort of user are you” logic in my API, rather than leaving this to Auth0, or is there some simpler way?

[EDIT] - I’ve just seen that there’s also “roles” in the main A0 dashboard. Are these different roles from those goverened by/managed under the extension?

Again, I’m new, so go easy!

Many thanks

tyf · April 28, 2023, 11:53pm

Hey again @kkrp1

You can leverage Auth0 roles by either using the Authorization Core or the Authorization Extension - We generally recommend using Core Authorization and RBAC.

Once roles are assigned to users, you can add those as custom claims in tokens:

Hope this helps to clarify!

kkrp1 · April 29, 2023, 10:21am

Hi again, @tyf - thanks a lot for this, I’ll take a look and dive into it.

system · May 13, 2023, 10:22am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
See the roles of users in the accestoken JWT.io jwt	4	1001	August 25, 2023
Custom roles in Access token from application Help jwt	11	7567	July 4, 2019
Auth0 not returning user roles - Angular SPA Help auth0 , roles	4	4094	August 13, 2022
Auth0 Action add user role to token Help user-profile , user-management	2	533	March 25, 2024
What's best practice for managing users, roles and permissions in a web app? Help management-api , users	4	268	June 13, 2024

Question about roles

Related Topics