I’m new to Auth0 and I’ve been playing around with it and so far everything works as expected. However I have a problem that I couldn’t find a straight answer too and I don’t know if this is at all possible.
I have a blazore server app and a asp.net core api.
In Auth0 I’ve created a API and added some permissions to it. I’ve then created some roles and added the permisssion to those roles. Finally I’ve added the roles to users. When I’m now I can now connect to the API part and get my permissions. that are assigned to the role that the user has.
Now I would like to retrieve these role permissions in my Blazor server app to had certain parts of the interface based on those permissions.
for example: User has products.read => he should be able to see the page products.
an icon/button would become visible if the user has a role with the permission product.update
Would anyone be able to assist me with this? I’ve been struggling with this for a couple of days now.
Completely agnostic to tech stack, this is typically achieved by adding permission to access tokens - The easiest way to do this is by enabling the option in the settings of the API registered in Auth0.
Thanks for the response indeed I used this toggle button and this enabled me to call my API in context of a user.
However in my use case I’ve just authenticated and I want to load the pages. When I’m requesting an access_token for the API it will indeed contain the role permissions. However in my Blazor Server App, the identity_token is being checked.
I was able to add the roles to this token with actions, but I can’t seem to find a way to add the persmissions.
My code in the Blazor Server App is the following:
You could infer permissions from roles (this is a common practice) or you will need to add them in additional steps: