# support-questions-legacy
t
Hey, I have a use case, lemme know if this is possible using SuperTokens' RBAC. User A belongs to ROLE 1 with read permission. I need a User B to belong to the same ROLE but with different permissions. I couldn't find a way to do this, as users are attached to just a role and a role has permissions. So the only way is to create another role.
r
hey @Tushar that's correct. You would need to create another role. One way to get this to work in a nice way is to create role names like (if the role is an admin role for example):
```
admin -> []
admin-userA -> [p1]
admin-userB -> [p2]
```
In the above, we have mapped admin to no permissions, but have mapped admin-userA to permission p1, and admin-userB to permission p2. So you could assign roles `admin` and `admin-userA` to `userA` and roles `admin` and `admin-userB` to `userB`. This way, the effective permissions for the users would be different, and yet, you can check whether both userA and userB have the `admin` role or not.
t
But this architecture would have a problem, as it would result in a lot of roles, and hence when we are protecting the routes at the backend we would need to pass all of those in verify session at the userRoleClaiMValidator. Don't you think that would be a poor architecture?
r
you only need to pass in the admin role to that
since userA and userB both have admin
the admin-userA and admin-userB are sort of hidden roles
and really, you can create even a million roles.. it's not an issue and won't affect the scalability or anything