Auth0 Community

RBAC permissions for SPA app and API

rbac

mathiasconradt September 12, 2019, 9:53am 2

This question seems to be related to this one, therefore linking:

Permissions: claim or scopes Help

I am a little confused on best practices in dealing with API permissions. I understand that in the API within Auth0, I can configure it to always attach the permissions claim to the access token. I am confused because I was under the understanding that the spec defines the scopes claim as the place to define a users permissions. My objective is to have the permissions always included in the access token. I would think you ca achieve this with a rule to automatically add them (although it looks …

show post in topic

Home
Categories
FAQ/Guidelines
Terms of Service
Privacy Policy

Powered by Discourse, best viewed with JavaScript enabled

Quickstarts
Auth0 APIs
SDK Libraries
Articles

Resources

Code Samples
Developer Blog
Videos
Podcast
Newsletter
Glossary

Tools

Auth0 Lab
OIDC Playground
JWT
Webauthn
SAML Tool

Community

Forum
Ambassador Program
Events
Support
Apollo Program

Company

About Us
Our Customers
Partners
CareersWe’re hiring!
Press
Compliance
Social Impact

GET STARTED

Sign Up
Pricing
Contact Sales

©2013 - 2022 Auth0® Inc. All Rights Reserved.

Status
Legal
Privacy
Terms