Global Roles #342
Unanswered
AdamJSoftware
asked this question in
Q&A
Replies: 1 comment
-
One approach you can take is using Contextual Tuples and send the roles that way https://openfga.dev/docs/modeling/token-claims-contextual-tuples. What Authorization service are you using? We plan to provide ways to synchronize data from some AuthZ services to OpenFGA. In general, we recommend that you have a single store if the users and the domain are the same. This avoids having to do multiple checks to multiple stores for some authorization decisions. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
In my authorization system I have the ability to assign roles to users. This is nice as roles are stored in one default location. Looking at openfga. It seems that its very focused on "user" permissions. And if I want to remodel roles. I would have to create a separate type in the store. I feel like this can lead to some headaches as now we will have to re-enter the roles into the store and make sure they are synchronized with the authorization server. This leads me to the following questions
Beta Was this translation helpful? Give feedback.
All reactions