I have web application in ReactJs, its more of reporting dashboard kind of application. As I’m using Okta for SSO I also want to manage access control from okta, in such a way that I can set up custom access policies like read:report, write:report to custom user groups created in okta and when the user loggs in which belongs to that group I want these access policies in my access token which are assigned to that group.
Can we add access policy as custom attribute into access token which shows like this
{
“access”: [“read:report”, “write:report”, “delete:report”]
}
The whole purpose of this is, I can handle the access control completely through okta.
Can anyone help here how can we achieve this.