RBAC Not Working

I’m working on an Auth0 + Netlify integration. I’m able to generate the appropriate token that Netlify should be expecting to use for protecting routes based on a role. I’ve got the following redirect configuration setup, but I can navigate directly to the /admin/admin route without Netlify stopping me.

/admin/*  200!    Role=admin

Site Name - https://netlify-auth0-integration.netlify.app/
Build is fine

1 Like

Hi James,

No redirects are deployed on that site. You can see our build system telling you this here:

I’d guess that your _redirects file did not end up next to index.html - I only see these files in that deploy (I should see _redirects too - we keep a copy with the deploy but do NOT allow browser access to _headers, _redirects, and netlify.toml):

1 Like

Thanks for the response!
My _redirects file is in the root of my repo (see image below) where my netlify.toml file is. My index.html page is inside of a /public directory. So you’re saying that my _redirects file should be in the public directory?

Welp, the redirects file does need to go into the publish directory. Works now!! :slight_smile: Thanks @fool

Also it feels weird to type “Thanks fool” hahaha


great! glad its working :smiley:

1 Like

Glad to hear you got things working! To explain that oddness you mention, we do copy netlify.toml from the root of the repo to save a copy for our staff’s debugging.

Re: calling me fool, please do whatever is comfortable for you :slight_smile: I’ve always been named “Christopher Michael” which is pretty much the worst for namespace collision: when your name is Chris, there’s always another Chris in the room. In this case I tried to avoid collision by being an early hire at Netlify, but when one of the co-founders is named Chris, even employee 9 needs a different email address and nickname…

1 Like