Scope Best Practices


I’ve got the basic functionality running. Now need to get to some advanced scenarios.

Want to make sure that users cannot access/modify sensitive information. For example, planning to store StripeCustomerId inside app_metadata of each user. This is ok for users to read, but users should not be able to modify app_metadata.

I was thinking to use 2 Applications within the tenant. First application would be used to authenticate end users, and the second application would be used from my backend to modify app_metadata.

What would be the best scopes to assign to each application?


Hello @berlioz,

Which users are you referring to? A user does not have sufficient rights to modify their own app_metadata, unless you create a privileged process for them to use. They can modify their own user_metadata if you provide them an interface to do so.

Said another way: the user’s own credentials are sufficient for them to edit their own user_metadata, but are not sufficient for them to edit their own app_metadata.
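One way to keep the two paths separate in the backend described in the question, as an added example that is not part of this thread or of Auth0's own code: a user-facing endpoint accepts only user_metadata, and the backend's own code path (using a client-credentials token for the second application, assumed here to hold the Management API scope `update:users_app_metadata`) is the only one that writes app_metadata. The tenant domain, user id and token are constructed placeholders.

```python
import json
from urllib.parse import quote
from urllib.request import Request

# Constructed placeholder; replace with your tenant's domain.
AUTH0_DOMAIN = "example-tenant.auth0.com"
MANAGEMENT_API = f"https://{AUTH0_DOMAIN}/api/v2/"

# The only top-level fields an end user may change about themselves.
# Anything else (app_metadata, email, etc.) is rejected, not silently dropped.
USER_EDITABLE = {"user_metadata"}


def _patch_user(user_id: str, body: dict, token: str) -> Request:
    """Build the Management API PATCH /api/v2/users/{id} request (not sent here)."""
    url = f"{MANAGEMENT_API}users/{quote(user_id, safe='')}"
    return Request(
        url,
        data=json.dumps(body).encode(),
        method="PATCH",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},
    )


def build_self_service_update(user_id: str, submitted: dict, token: str) -> Request:
    """Request for a user's own profile edit.

    `submitted` is whatever the user's client sent; it may only contain
    user_metadata. Any attempt to include app_metadata raises instead of
    being forwarded to the Management API.
    """
    disallowed = set(submitted) - USER_EDITABLE
    if disallowed:
        raise PermissionError(f"user may not modify: {sorted(disallowed)}")
    return _patch_user(user_id, submitted, token)


def build_backend_app_metadata_update(user_id: str, stripe_customer_id: str,
                                      token: str) -> Request:
    """Request the backend sends with its own client-credentials token
    (assumed to carry update:users_app_metadata) to set the Stripe id.
    The value comes from the backend, never from user input."""
    body = {"app_metadata": {"stripeCustomerId": stripe_customer_id}}
    return _patch_user(user_id, body, token)
```

The user token is never used for either request; the backend performs both calls with its own Management API token, so the user's credentials can never reach app_metadata regardless of what the client submits.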