Getting user password from management API using nuget package

We are currently trying to make a change to our website so that it uses Auth0 to authenticate. As part of that, I am rewriting an admin website that we have for managing the users. The users will now be stored in Auth0 and the admin website will therefore have to be able to list/add/edit Auth0 users in my tenant.

The config website uses the Auth0 Management API nuget package: GitHub - auth0/auth0.net: .NET client for the Auth0 Authentication & Management APIs.

But I have run into a problem. I can get a list of users. I can get the user’s details and present them in an edit form onscreen, but I can’t save the changes made, because when I try to do this I get an error that I need to supply a password in the UserUpdateRequest model that gets passed into the Users.UpdateAsync call.

But when I get the user’s details (client.Users.GetAsync(id)), it doesn’t give me back a password property. If I could get the password from the call to GetAsync(id) then I could add it to the UserUpdateRequest. But if I can’t get the password from GetAsync, how can I put the password in the UserUpdateRequest? How am I supposed to ever save a user?

I guess my ultimate question is: how can I get the user’s password using the Management API…so that I can supply it later on to the UserUpdateRequest model when calling Users.UpdateAsync. Or if I can’t get the user’s password, can I somehow update the user without knowing their password?

Code to get user:

var token = GetAccessToken();
var apiClient = new ManagementApiClient(token, new Uri("https://MY_TENANT_ID.au.auth0.com/api/v2"));
var user = await apiClient.Users.GetAsync(id);

Code to update user:

var token = GetAccessToken();
var apiClient = new ManagementApiClient(token, new Uri("https://MY_TENANT_ID.au.auth0.com/api/v2"));
var updateReq = new UserUpdateRequest()
{
    UserName = model.UserId,
    Email = model.Email,
    Password = model.Password,
    EmailVerified = model.EmailVerified,
    AppMetadata = model.AppMetadata,
    UserMetadata = model.UserMetadata
};
var user = await apiClient.Users.UpdateAsync(model.UserId, updateReq);

I confess I did not try this myself, but I would say it’s highly likely that the issue is that model.Password is an empty string "" which means that it’s serialized into JSON as "password": "". The Management API will trigger an error if you specify the password field with an empty value so you should ensure that if you’re not updating the user’s password then you should not set UserUpdateRequest.Password to a non-null value.

I would try:

Password = string.IsNullOrEmpty(model.Password) ? null : model.Password

The above is under the assumption that if UserUpdateRequest.Password is null then it won’t be serialized into the request JSON and as such the Management API won’t even complain about it and treat it as an update only to the properties provided.

1 Like