Role management

I’m really confused with how to use roles

I can find plenty of information on how to set roles, but if for example I want to hide/show UI elements based on whether a user has an ‘Admin’ role, there’s little to no information provided by auth0

If someone can help or point me in the right direction it’d be most appreciated

Was searching for role related threads and found this. I’m currently trying to work out how we will implement roles in our own Auth0 environment.

To answer your question, you need to send the user’s roles over the wire with your token. Then it is up to your application to decide what to do with those roles.

For a more centralized approach, I had the idea of an RBAC API. This is similar to the Authorization Extension that Auth0 has. Once your user is authenticated, your app queries the API to see what roles they have, and perhaps all the scopes associated with those roles. Perhaps you list a user’s assigned groups in app_metadata.groups: [], and send that list with their token. Then the app asks the API what roles are associated with the user’s groups.

Hey there Mark,

Sorry for such delayed response. Do you still need us to look into that?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.