We have several different clients in our account, but it seems that all of the users in the management UI group all the users together. We have some clients for prod, and some for test. We would like to not mix the test and prod users up. Is it possible to segregate the users by the client they are associated with?
For prod, test and qa you should have multiple tenants this is documented athttps://auth0.com/docs/dev-lifecycle/setting-up-env
Does this means that all users in an account are treated equally, no matter what client they came through?
You can set up multiple connections and allow access to users from a specific client. However, for perfect isolation, we recommend using multiple tenants.
How can I allow access on a per-client level?
In client settings there is a section for allowed connections, by default all connections are enabled for all users. Furthermore, you can create rules to restrict this. However, I strongly recommend using multiple tenants for multiple environments.
As a summary of the information provided in the comments:
- for complete isolation between production and test/QA users you may consider using a separate account; also see https://auth0.com/docs/dev-lifecycle/setting-up-env and https://auth0.com/docs/dev-lifecycle/child-tenants
- within a single account users belong to individual connections which may allow you to filter search results or enable only certain connections for some clients.