finkinfridom/payload-auth0-plugin

Documentation suggestion: Give example/steps to add this to a new Payload instance

hades200082 opened this issue · 3 comments

When creating a new Payload instance with npx create-payload-app, what steps are needed to add this plugin?

Note, default Payload instances already have a "Users" collection... is your example "your-auth-collection.ts" meant to replace this, or be added to it?

Some info on how it works with Auth0 too would be nice. i.e.:

  1. Can you create users directly in Payload and they get created in Auth0?
  2. How does it handle roles/access control?
  3. What if I have public users on my website also using Auth0 but don't want them to have access to the CMS?

hey @hades200082,
the steps to add this plugin are quite simple:

  1. install it: yarn add payload-auth0-plugin
  2. follow the README.md instructions (e.g. the Users collection that you get from the npx command must be modified as per the documentation)

Replying to your questions:

  1. No. The plugin uses Auth0 as the source of truth for all users by completely replacing the standard login process.
  2. Roles/access control is completely managed by you (as per documentation here: https://payloadcms.com/docs/access-control/overview)
  3. Typically you will have 2 different user bases for the admin section and the public website

I'm still not sure I understand.

Typically you will have 2 different user bases for the admin section and the public website

Does this mean that I have to have two different "User" collections to use this plugin?

Say I had a client that already had Auth0 SSO in place for other things in their organisation and they just wanted to use the same Auth0 tenant for logging into Payload CMS Admin, would this plugin allow that or is it only for "front end" website accessing the API?

They could use the same Auth0 tenant.
But please take into consideration that currently no ACL configuration is passed from Auth0 to this plugin, so you have to filter out any potential unwanted users (e.g. "frontend" users that must not access the admin section).
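To make the filtering described in the last reply concrete, here is an added example of Payload collection-level access control. It is not code from payload-auth0-plugin or its README: the `roles` field, the role names and the `ADMIN_ROLES` list are hypothetical choices, and the `User`/`AccessArgs` types are a local stand-in for Payload's own types so the file runs without the `payload` package. The `access.admin` / `access.read` / `access.update` functions and their `{ req: { user } }` argument follow the Payload access-control documentation linked above. Because the plugin does not pass Auth0 ACL data through, the role data has to live in Payload, and the field holding it must itself be writable only by admins, otherwise a "frontend" user who can reach the API could grant themselves admin access.

```typescript
// Added example (not from payload-auth0-plugin). Keeps Auth0-authenticated users
// who have no admin role out of the Payload admin panel and out of other users'
// documents. Assumes a hypothetical `roles` field on the auth collection.

// Minimal stand-in for Payload's request/user types so this runs stand-alone;
// a real config would import CollectionConfig / Access from 'payload/types'.
type User = { id: string; email: string; roles?: string[] } | null | undefined;
type AccessArgs = { req: { user: User }; id?: string };
// Payload access functions return a boolean (allow/deny) or a query constraint
// that scopes which documents the request may touch.
type AccessResult = boolean | Record<string, unknown>;

// Hypothetical role names: roles are stored in Payload, since the plugin does
// not propagate Auth0 roles or permissions.
const ADMIN_ROLES = ['admin', 'editor'];

export function hasAdminRole(user: User): boolean {
  const roles = user?.roles ?? [];
  return roles.some((r) => ADMIN_ROLES.includes(r));
}

// Gate for the admin panel: a user who authenticated fine through Auth0 but
// carries no admin role (e.g. a public "frontend" user in the same tenant)
// is turned away from the CMS UI. Unauthenticated requests are denied too.
export const adminPanelAccess = ({ req: { user } }: AccessArgs): boolean =>
  hasAdminRole(user);

// Read/update rule: admins may touch every user document; anyone else only
// their own. Returning a query constraint instead of `true` is how Payload
// scopes list and update operations to the caller's own record.
export const selfOrAdmin = ({ req: { user } }: AccessArgs): AccessResult => {
  if (!user) return false;
  if (hasAdminRole(user)) return true;
  return { id: { equals: user.id } };
};

// Field-level gate on `roles`: only admins may change roles. Without this,
// selfOrAdmin would let a frontend user update their own document and set
// roles: ['admin'].
export const updateRoles = ({ req: { user } }: AccessArgs): boolean =>
  hasAdminRole(user);

// Collection config fragment wiring the functions above (shape per Payload docs).
export const Users = {
  slug: 'users',
  auth: true,
  access: {
    admin: adminPanelAccess,
    read: selfOrAdmin,
    update: selfOrAdmin,
  },
  fields: [
    {
      name: 'roles',            // hypothetical field name
      type: 'select',
      hasMany: true,
      defaultValue: [],         // a first Auth0 login starts with no privileges
      options: ADMIN_ROLES,
      access: { update: updateRoles },
    },
  ],
};
```

The important property is the default: a user the plugin creates on first Auth0 login gets an empty `roles` array and therefore fails `access.admin`, so granting CMS access is an explicit action by an existing admin rather than a side effect of being in the tenant.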