@arjvik first, congratulation on your project!
Seconds, I have the same problem you have and I am still trying to solve it. I found this resource:
But I did not tested yet.
That is not what you need but maybe works. What I plan to do to mitigate the lack of this functionality is the following:
- Every time that a new user registered on my site, I create an encryption key.
- I store the private key on the user profile on auth0 as a metadata
- When a user login I store in the user web session the key.
So, if your database is compromised, the sensitive data is protected. If your admin user in auth0 is compromised the intruder would not be able to see any data, just the private keys. If both, your database and the admin user in auth0 is compromised, you lost 