I want to host a JAMStack site on Cloudflare Workers Sites and use Auth0 for auth purposes.
I saw in some examples that (subscription) plan data was inside an Auth0 profiles metadata.
Is this the right place or should I put it with a user ID into Cloudflare Workers KV?
I want to protect some CFW (API) and CFWS (UI) routes.
Hi @kay-is,
Welcome to the Community!
I am not all that familiar with Cloudflare’s serverless offerings, but maybe I can give you some insight on the Auth0 side.
In Auth0, you can use the app_metadata property of the user’s profile to store data that is read-only to the user. This includes could include things like a user’s permissions, external id, or something like a subscription tier. You can then use that data in a rule to make decisions in the authentication pipeline. Here is the metadata doc with more examples and explanation:
In addition to using that info in a rule, you can add app_metadata it to the token in a custom claim and make decisions in the client or API.
Hope this helps!
Dan
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.