Search code examples
next.jsauth0rbac

Auth0 RBAC Regular application

Hello and good day everyone! I am making an application using Next.js and auth0 for authorization and authentication. I wonder how to set users' role by them own. Roles are "admin", "manager" and "worker". I have configured RBAC (role based access control) but don't have any idea to set user's role in programmatically way.

I don't have any idea I searched for documentations but I didn't find anything what I want. I am expecting a codebase like this stuff setUserRole(user_id, role);

Solution

  • You can set roles to users with Auth0 UI and API

    With the UI:

    • Go to Dashboard > User Management > Users.
    • Click ... next to the user you want to modify and select Assign Roles.
    • Choose the role(s) you wish to assign, then click Assign.

    With the API:

    curl --request POST \
  --url 'https://{yourDomain}/api/v2/users/USER_ID/roles' \
  --header 'authorization: Bearer MGMT_API_ACCESS_TOKEN' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{ "roles": [ "ROLE_ID", "ROLE_ID" ] }'

    However, notice that Auth0 roles may sometimes be a bit hard to use, I had issues with calling Auth0 roles API a lot of times to check roles and got to my API quota, so you may want to consider other AuthZ solutions such as Permit.io, AuthZed or others.

    In this blog you can see how to do it with Auth0.