Thanks for your reply. Essentially my goal is this…
I have a custom react web application with a .NET core web api that I’m trying to setup groups/roles that are specific to this particular web application, so that I can apply authorization to these application level groups/roles. For example, I may have two organizational level groups, Internal and External. But within my application, I’d like to have 3 more granular groups, let’s say ProjectManager and Analyst, and it’s these groups I’d like to apply authorization.
What I’d like to do is find out the best practice for applying authorization to application level groups (groups within the application) by using Okta.
To achieve this, my thinking was to create a custom attribute on the application user profile, let’s call it appGroup. This attribute would be an Enum with two items, ProjectManager and Analyst. During user registration, I would then capture the value selected by the user, and by using a GroupRule, place the user in the appropriate Group based on their choice. The issue I’ve found is that it doesn’t appear as though I can set a custom attribute on the application user profile, either through the API or self-registration.
Essentially, organizational level groups are not helpful with authorization for this particular application. However, multiple other applications within our org would benefit from organizational level groups. This however is a custom, public facing web application.
I’ve been struggling with this for some time so any help would be greatly appreciated!