While the resource-filter might not be the only approach to this; the use-case in itself seems so obvious that it’s actually shocking it’s not achievable in the current state of art of Auth0. (and it’s been a while now).
Some use-cases :
- Facebook-like groups / pages management. A user is owner of a group, some others are admin — with specific permissions, moderators. Some users are simple consumers.
- Google Drive-like file management. A user (or a domain) is owner of a file, some others are editors, some others are readers
- Auth0 backoffice itself : a user can be superadmin of a tenant, and simple admin of another
In any of those use-cases, the topic remains the same : a role is tightly coupled with a “resource instance” and not only a “resource type”. That’s what is called a “relation” on that post and others about the same topic.
NB : Please note that there is a common confusion and misuse of langage out there with the term “resource”. Browsing the web about that topic, using “resource” is sometimes related to the “resource type” (Dogs), sometimes to the “resource instance” (Dog with id: 1234). We’re talking here about “resource instance”