We don't have the full functionality of user role management (open GitHub issue) yet.
What we provide as of now is a way to associate roles with a user's session, so that it can be read on the frontend and backend very easily.
The overall flow is as follows:
- On sign up / in, set the user's role in the access token. Since we can set any JSON object, role definition can be arbitrary in their structure.
- For subsequent backend API calls, post session verification, the payload can be accessed to read the user's role.
- The frontend can also read the user's role.
- Roles can be updated during a session via backend APIs, post session verification.