The core Authorization features of Auth0 allow for role-based access control (RBAC) of your APIs. For RBAC to work properly, you must enable it for your API using either the Dashboard or the . To learn more, read Enable Role-Based Access Control for APIs. Authorization Core functionality is different from the Authorization Extension. For a comparison between the two products, read Authorization Core vs. Authorization Extension. To use the core functionality most efficiently, you should do the following:
  1. Register API with Auth0
  2. Define permissions for API
  3. Create roles
  4. Assign roles to users
  5. Assign permissions to users, if needed.

Learn more