Thank you!
Unfortunately, the issue that the school administration has is that we (the students who wrote and are hosting the app) have access to student data. As we would be managing the Auth0 tenant as well as the database, we would be able to use the access key from Auth0 to decrypt the data stored in the database and recover student grades. So we wanted a way to store data for each user such that people with access to the Auth0 tenant do not have access to that information.
Thanks for the suggestion though!