11d (edited) • Wins
IAM / Access Management: RBAC with Auth0
First of all, thank you, Srinath. The way you explain each IAM concept with a demo is really good and very easy to follow.
After the Authentication vs Authorization and RBAC lessons, the Auth0 example you showed in the video gave me the idea to build my own version the same way. Here is what I did:
  1. I Set up my app in Auth0 as a Single Page Application.
  2. After that, I made two users, one admin and one normal user.
  3. Made two roles (admin and user) and assigned them to the users.
  4. Added a Post-Login Action so each user's role goes into their login token.
  5. Built a small app with four pages (Public, Profile, Protected, Admin) that checks the role.
Result: both users can log in (authentication), but only the admin can open the Admin page. The normal user logs in fine but gets a clear "Access Denied" (authorization).
This proves: being logged in is not the same as being allowed to access everything.
6
2 comments
Debjit Das
3
IAM / Access Management: RBAC with Auth0
powered by
SimplifyIAM
skool.com/simplify-iam-6792
For anyone breaking into Identity & Access Management. Hands-on Labs, core concepts, career guidance, and interview prep - whatever your background.
Build your own community
Bring people together around your passion and get paid.
Powered by