Synchronizing Role and User Information Updates Between Ignition and Auth0

Hello Ignition Community,

We are currently working on a project that uses Auth0 as an OpenID Connect 1.0 Identity Provider, and we store user roles within Auth0. When a new user signs up, they are assigned a default "guest" role, which is changed upon admin approval.

We have developed a user management page in Ignition Perspective, similar to the Vision user management component, where users can update their roles, email addresses, and phone numbers. Currently, these updates are only reflected in Ignition's internal user source.

Our goal is to ensure that any changes made to user roles, email addresses, and phone numbers in Ignition are also updated in Auth0. This is a multi-client project, so we are looking for an efficient way to achieve this synchronization.

For example, when a user adds a new person and assigns that person to an "operator" role, updates the email and phone number, and then clicks save from the Perspective user management dashboard, these changes should be reflected in Auth0.

Does anyone have experience or suggestions on how to best integrate these updates with Auth0's user management dashboard? We are specifically looking for methods to:

1. Update user roles in Auth0 when they are changed in Ignition.
2. Synchronize email addresses and phone numbers between Ignition and
   Auth0.

Any advice or examples of similar implementations would be greatly appreciated!

Thank you!

You cannot do this, or at least shouldn't attempt it. The entire point of IdPs is to offload the authentication/authorization question to a "black box" - whether that's first or third party. If you're using Auth0 as your IdP, you would have to figure out whether Auth0 has some standard API you can call into to perform such user management operations. Or, switch from Auth0 to Ignition's internal IdP, and use our user-source based API to manage users.

Trying to bridge two disparate systems like this is only going to end badly.