Scoped / Multi-Level RBAC Roles

Hello,

We’re currently investigating using Auth0 for authentication and authorization within our B2B SaaS.

Our current sticking point is trying to figure out how to implement the following type of RBAC within Auth0:

  • Roles and permissions at an organisational level, i.e. super admin with full access rights, a role in which you can create a project
  • Roles within a specific project, distinct from organisational-level roles, i.e. a role where someone can add tasks to a specific project and not all projects.

Any ideas how something like this can be implemented with Auth0?

Hi @duncan.bain,

Welcome to the Auth0 Community!

I understand that you would like to implement RBAC in the context of an Organization.

Yes, this is possible! I have outlined a couple of steps to follow to configure RBAC in the context of an Organization:

  1. First, you will need to configure RBAC: Configure Core Authorization Features for Role-Based Access Control
  2. On step 4, you will need to assign users to Roles in the context of an Organization: Add Roles to Organization Members

Take note that there is a difference between assigning roles to users globally versus in the context of an Organization. I recommend reading this FAQ for more information.

Please let me know if you have any further questions or need clarification on the implementation.

Thanks,
Rueben
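The resource-server side of the setup above, as an added example that is not part of the thread: once roles are assigned in the context of an Organization, the API can bind each request to the token's `org_id` and check the `permissions` claim. It assumes the token's signature, issuer, audience and expiry have already been validated upstream and that "Add Permissions in the Access Token" is enabled; the claim values are constructed samples.

```python
"""Org-scoped permission check for an API protected by Auth0 RBAC + Organizations.

Added example, not from the thread. Assumes the caller has already verified the
access token and passes in its decoded claims. With RBAC enabled and "Add
Permissions in the Access Token" on, Auth0 emits a `permissions` list claim; a
login through an Organization adds an `org_id` claim, and only roles assigned in
that Organization contribute to `permissions`.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def authorize(claims: dict, target_org_id: str, required_permission: str) -> Decision:
    """Allow only if the token was issued for `target_org_id` and carries
    `required_permission`."""
    token_org = claims.get("org_id")
    if token_org is None:
        # No org_id means the login happened outside any Organization, so the
        # permissions reflect globally assigned roles; reject for org-scoped resources.
        return Decision(False, "token not issued in an Organization context")
    if token_org != target_org_id:
        # Stops a member of one organisation replaying their token against another.
        return Decision(False, "token org_id does not match requested organization")
    permissions = claims.get("permissions", [])
    if not isinstance(permissions, list) or required_permission not in permissions:
        return Decision(False, f"missing permission {required_permission}")
    return Decision(True, "ok")


# Constructed sample claims (already verified upstream), for illustration only.
ORG_TOKEN = {"sub": "auth0|user1", "org_id": "org_ABC123",
             "permissions": ["create:project", "read:project"]}
GLOBAL_TOKEN = {"sub": "auth0|user2", "permissions": ["create:project"]}

if __name__ == "__main__":
    print(authorize(ORG_TOKEN, "org_ABC123", "create:project"))    # allowed
    print(authorize(ORG_TOKEN, "org_XYZ999", "create:project"))    # wrong org
    print(authorize(GLOBAL_TOKEN, "org_ABC123", "create:project")) # no org_id
```

Project-level roles from the question are not modelled by Auth0 Organizations themselves; a check like this handles the organisation boundary, and finer project scoping stays in the application's own data.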
