...
This design only affects BIE access. This design would not apply to CC access.
Score will use Auth0 for authentication and authorization.
Out of the box, Auth0 supports
Managing users
Managing roles
Managing user-role relationships
Only administrators may manage business contexts in Score.
Each business context may have zero-to-many roles associated with it (managed only by administrators). See Figure 3.
There are many ways to design the UI to show roles associated with a business context and to add/delete them. Figure 3 is just one example.
The built-in roles will be supported (end user, developer, admin) as
Score_End_User,Score_Developer, andScore_Adminroles in Auth0.Tenant roles role names in Auth0 will begin with
Score_Tenant_followed by a short name. E.g.,Score_Tenant_AgGateway.
A user may only access BIEs associated with business contexts that are associated with one of the user’s roles.
...