My application has users, classes and roles where users can have multiple different roles for different classes.
User A -> Class 1 -> STUDENT_ROLE -> Class 2 -> ADMIN_ROLE User B -> Class 1 -> STUDENT_ROLE -> Class 2 -> STUDENT_ROLE User C -> Class 3 -> INSTRUCTOR_ROLE
- Users will be added over time (application users)
- _ROLE s are pre-defined
- Classes will be added over time
I want to include all these information in the JWT token i received from Okta.
I couldn’t find a good way of doing that yet, I was looking to utilize user’s profile attributes and define a an attribute array as follows
UserA:> permissions : [ “class1:STUDENT”, “class2:ADMIN” ]
UserB:> permissions : [ “class1:STUDENT”, “class2:ADMIN” ]
UserC:> permissions : [ “class3:INSTRUCTOR” ]
If anyone thinks there is a better approach?