

Extending Auth0 model

Auth0 model and its extension provide a solid mechanism for authentication and user profile management. On top of this, BDRC still needs to implement ways to secure endpoints and resources according to Auth0 users' profiles. BDRC therefore needs to extend the Auth0 authentication model in order to implement these two secured objects (endpoint and resource Access) and their relationships with the core Auth0 model.

Endpoint:

An endpoint is uniquely identified by a path and an Application resource. It can be accessed by all the users belonging to its associated Groups or having one of its associated Roles.

Endpoints models are built as follows:

Resource Access:

A Resource Access is independent from any endpoint as it is only linked to specific permissions and BDRC Acces Types. It is used to check access to secured resources served by any endpoint or application (wether these endpoints or application are otherwise secured or not).

In other words, one can have public endpoints or applications implementing specific policies for resource access.