Create User in Python Failes with HTTPError 400 Bad Request

nottinhill · November 14, 2017, 5:09pm

Fails with HTTPError 400 Bad Request:

imports..
def main():

    access_token = ""...
    variables = ""...

    base_url = "https://{domain}".format(domain=DOMAIN)

    data_auth = parse.urlencode(
                             ('client_id', CLIENT_ID),
                             ('client_secret', CLIENT_SECRET),
                             ('audience', AUDIENCE),
                             ('grant_type', GRANT_TYPE),
                             ('email', EMAIL),
                             ('password', PASSWORD),
                             ('connection', CONNECTION),
                             ('email_verified', EMAIL_VERIFIED),
                             ('verify_email', VERIFY_EMAIL),
                             ('user_metadata', USER_METADATA)
                            ]).encode("utf-8")
    req = Request(base_url + "/oauth/token", data_auth)

    try:
        response = request.urlopen(req)
        oauth = json.loads(response.read())
        access_token = oauth'access_token']
        print(access_token)
    except error.HTTPError as e:
        print('HTTPError = ' + str(e.code) + ' ' + str(e.reason))
    except error.URLError as e:
        print('URLError = ' + str(e.reason))
    except Exception as e:
        print('Generic Exception' + str(e))

    data_user = bytes(parse.urlencode(
        ('audience', AUDIENCE),
        ('grant_type', GRANT_TYPE),
        ('email', EMAIL),
        ('password', PASSWORD),
        ('connection', CONNECTION),
        ('email_verified', EMAIL_VERIFIED),
        ('verify_email', VERIFY_EMAIL),
        ('user_metadata', USER_METADATA)
    ]).encode("utf-8"))

    req = Request(base_url + "/dbconnections/signup", data_user)
    req.add_header('Authorization', 'Bearer ' + access_token)
    req.add_header('Content-Type', 'application/json')

    try:
        response = request.urlopen(req, data_user)
        res = json.loads(response.read())
        print(res)
    except error.HTTPError as e:
        print('HTTPError = ' + str(e.code) + ' ' + str(e.reason))
    except error.URLError as e:
        print('URLError = ' + str(e.reason))
    except Exception as e:
        print('Generic Exception' + str(e))


if __name__ == '__main__':
    main()

jmangelo · November 14, 2017, 7:13pm

The /oauth/token is not meant for user creation so not being able to create a user from that endpoint is the expected behavior.

In relation, to the /dbconnections/signup this will indeed allow to create/sign up a user (assuming the connection in question allows public signups). However, the payload you’re sending to that endpoint is incorrect so you should check the Authentication API explorer entry: Authentication API Explorer

Having said that, the payload you’re using seems to imply that you want to control if verification emails are sent or not (the payload contains verify_email parameter) so in that case you may not want to be using the public signup endpoint and instead create the user through the Auth0 Management API which would indeed support the verify_email parameter. See the following documentation for more info: Auth0 Management API v2