We are evaluating if we could use Auth0 as our identity management platform and are wondering if we could implement the following process:
- User wants to sign in at app1 under app1.domain.com (we have several web and mobile apps)
- User signs in over Auth0 SSO
- After successful sign-in, the user is prompted with a list of organizations that he/she is part of. User selects an organization.
- At this point, the JWT claims are updated with: org-id, user role in that org (user could have different roles in different orgs), Hasura headers, etc.

The user can switch the organization at any point, at which time the JWT token is updated with details from the selected organization.
I saw that similar things can be done with “Rules”, right after sign-in, but in the above process, the organization selection would happen at a later point.
I would be happy for suggestions, and to know whether that could be implemented with Auth0.