The Authorization Extension provides support for user authorization via Groups, Roles, and Permissions. You can define the expected behavior during the login process, and your configuration settings will be captured in a rule that's executed during runtime.
With the Authorization Extension, you can store authorization data like groups, roles, or permissions in the outgoing token issued by Auth0. Your application can then consume this information by inspecting the token and take appropriate actions based on the user's current authorization context.
With the Authorization Extension, roles and permissions are set on a per-application basis. If you need the same roles or permissions on another application, you'll have to create them separately. Conversely, the Authorization Core feature set provides much more flexibility with roles and permissions.
Before you can use the extension, you'll need to install it, configure the rule controlling its behavior during login, and set up your user management.
You can easily move data into or out of the Extension.
Once your extension is up and running, you can add additional functionality to it. You can also import/export user-related data.
Review our tips for troubleshooting commonly-seen issues.