Re generate access token on URL change NextJS

  • Which SDK this is regarding: NextJS

I need to manage users across multiple organisations (not Auth0 organisations). The org is known via the current url as it contains the org ID.

A user can be a member of multiple organisations, but will have different permissions across each org.

Can I regenerate an access token when the URL changes i.e. when a user switches organisation? I was looking to have a rule that will get the organisation ID from the url, match that to one in the users app_metadata, and use the management api to get the permissions and add them to the access token.

Currently, I grab the access token from the session when I use the NextJS api functions.

Does Auth0 have access to request headers when a token is being re-generated? As keeping the org ID in a header will result in cleaner URL’s