Create Users in Your Application
In the authentication process, the user authenticates through the Identity Provider (IdP), which verifies their identity. Once successfully authenticated, TailorPF queries its database to check if the user’s account already exists.
If the user’s account exists, TailorPF issues an access token, granting the user the appropriate level of access to the requested application based on their roles and permissions.
Here is a diagram that explains the flow of the authentication process. From the client's perspective, the authorization flow is as shown below and uses TailorPF as the authorization server with the Authorization Code Grant.
Steps to Create Users
1. Create a user in Auth0
Log in to your Auth0 account. In the Dashboard, navigate to User management and then select Users.
Click Create User to create a new user.
2. Use a GraphQL query to create a user in the Tailor DB
Get an access token to use it in the GraphQL playground to run queries.
Run the following commands to get access token.
<span><span style="color: var(--shiki-token-function)">tailorctl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">workspace</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">machineuser</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">token</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-a</span><span style="color: var(--shiki-color-text)"> ${your_app_name} </span><span style="color: var(--shiki-token-string)">-m</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">admin-machine-user</span></span>
<span></span>Set the token in the Headers section of the playground as follows:
<span><span style="color: var(--shiki-color-text)">{</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-keyword)">"Authorization"</span><span style="color: var(--shiki-token-punctuation)">:</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string-expression)">"bearer ${your_access_token}"</span></span>
<span><span style="color: var(--shiki-color-text)">}</span></span>
<span></span>Seed the data to ensure roles are pre-populated within the Tailor DB. See Seeding Data for more information.
Query the roles to assign a role to the user.
<span><span style="color: var(--shiki-token-keyword)">query</span><span style="color: var(--shiki-color-text)">{</span></span>
<span><span style="color: var(--shiki-color-text)"> roles{</span></span>
<span><span style="color: var(--shiki-color-text)"> edges {</span></span>
<span><span style="color: var(--shiki-color-text)"> node {</span></span>
<span><span style="color: var(--shiki-color-text)"> id</span></span>
<span><span style="color: var(--shiki-color-text)"> name</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)">}</span></span>
<span></span>You can assign the user a role using its ID.
<span><span style="color: var(--shiki-color-text)">{</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"data"</span><span style="color: var(--shiki-color-text)">: {</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"roles"</span><span style="color: var(--shiki-color-text)">: {</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"edges"</span><span style="color: var(--shiki-color-text)">: [</span></span>
<span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"node"</span><span style="color: var(--shiki-color-text)">: {</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"id"</span><span style="color: var(--shiki-color-text)">: </span><span style="color: var(--shiki-token-comment)">"422e0d2d-fb14-458b-bbb2-db307fc1a174"</span><span style="color: var(--shiki-color-text)">,</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"name"</span><span style="color: var(--shiki-color-text)">: </span><span style="color: var(--shiki-token-comment)">"Admin"</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> },</span></span>
<span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"node"</span><span style="color: var(--shiki-color-text)">: {</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"id"</span><span style="color: var(--shiki-color-text)">: </span><span style="color: var(--shiki-token-comment)">"f1292168-f6de-405a-9f5a-c674a239da93"</span><span style="color: var(--shiki-color-text)">,</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-comment)">"name"</span><span style="color: var(--shiki-color-text)">: </span><span style="color: var(--shiki-token-comment)">"Editor"</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> ]</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)">}</span></span>
<span></span>Create a user with the email address used in step 1 and assign the 'Editor' role.
<span><span style="color: var(--shiki-token-keyword)">mutation</span><span style="color: var(--shiki-color-text)">{</span></span>
<span><span style="color: var(--shiki-color-text)"> createUser(</span></span>
<span><span style="color: var(--shiki-color-text)"> input: {</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">name</span><span style="color: var(--shiki-color-text)">: </span><span style="color: var(--shiki-token-string-expression)">"<username>"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">email</span><span style="color: var(--shiki-color-text)">: </span><span style="color: var(--shiki-token-string-expression)">"<user-email>"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">roles</span><span style="color: var(--shiki-color-text)">: [</span><span style="color: var(--shiki-token-comment)">"f1292168-f6de-405a-9f5a-c674a239da93"</span><span style="color: var(--shiki-color-text)">]</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> ){</span></span>
<span><span style="color: var(--shiki-color-text)"> id</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)">}</span></span>
<span></span>The user is created and can now access the application.
Next steps
- Create an OAuth2 client to securely log in to the application.
- Log in manually using ID tokens.