Prisma

Let me try something else: 
1. User signs up/logs in using auth0
2. auth0 queries a graphcool `Profile` table, which contains an email (and the permissions of the user)
3. JWT is returned to the user, who can run 'createuser' (auth0 integration part of graphcool)
4. on creation of a new user, the `Profile` table as linked to the `User` table and permission queries can be run using the `Profile` data (which contains permission data - e.g. in an `AppMetadata` field, in line with auth0)

This makes it possible to setup permissions and emails before the user has logged in/signed up. After sign up, the data is linked nicely, and the profile of the user should stay synced between auth0 and graphcool somehow (I can figure that out, I guess). 

*Question* : How can I make step 4 work - link `Profile` data with the `User` based on email (the JWT contains an email) on user creation?

<@U4RVAL2NP> post big questions in the forum

ok, not sure if that will help :stuck_out_tongue:

I'm already struggling 6 months now with this issue, but I hardly ever get a reply how to solve it properly. The main issue actually is: authorization info (http authorization header) is not exposed in the permission queries, which really is a pain.