Question about roles

Hi everyone,

I’m new to all this. Am I right that, to use roles (e.g. employee vs. employer) I need to install the Auth0 Authorization extension? I ask just because the docs for that seemed rather long-winded, just to implement something so simple as roles. Would a simpler approach be to just store arbitrary meta on my users, and then implement the “what sort of user are you” logic in my API, rather than leaving this to Auth0, or is there some simpler way?

[EDIT] - I’ve just seen that there’s also “roles” in the main A0 dashboard. Are these different roles from those goverened by/managed under the extension?

Again, I’m new, so go easy!

Many thanks

Hey again @kkrp1 :slight_smile:

You can leverage Auth0 roles by either using the Authorization Core or the Authorization Extension - We generally recommend using Core Authorization and RBAC.

Once roles are assigned to users, you can add those as custom claims in tokens:

Hope this helps to clarify!

1 Like

Hi again, @tyf - thanks a lot for this, I’ll take a look and dive into it.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.