Can a Regular Web Applications use Roles from User management or must we use app meta data to manage roles?
Welcome to the Community! While the roles feature (“Core Authorization”) is closely associated with APIs, it is available no matter which type of application you are building. All the data is available through the Management API. You can use this feature on its own, or in conjunction with additional data stored in your user profiles, including
Thanks. i guess that leads me on to ask where is the user roles within the token.
I have followered https://auth0.com/docs/quickstart/webapp/aspnet-core/03-authorization and understand how modify the startup.cs we look for RoleClaimType as part of the token validator however how can i use Auth0 user roles in a similar fashion.
i have successfully implemented a solution using app_meta data in side .net core mvc app. This provides me functionality to add/modify users roles within app meta data.
This role functionality is already available within Auth0 user roles so i want to try and utilize that rather than build and main extra code
Roles won’t be included in tokens automatically. To include them, you can enable RBAC for APIs and then create a rule which will add user roles to their tokens. You can find more details on this process here: https://auth0.com/docs/authorization/concepts/sample-use-cases-rules#add-user-roles-to-tokens
I hope this helps!