Cannot change my own password nor see my logins in logs (bug)

I was trying to change my password in our auth0 account, and I was surprised to be unable to find a way to do so. I asked someone else in the same organization to check, and they could not find it either. It’s either a bug with my account, or I’m missing something obvious.

  1. I can login and logout successfully on manage.auth0.com using my username and password login.
  2. I can see the organization name on the top right, rather than my nickname or my email (I initially created the auth0 account; other team members see their username, not the organization name)
  3. I cannot find my email nor my nickname in the “Users” panel
  4. I cannot see my logins nor anything related to my account neither in the Logs nor in the Dashboard “Latest Logins”

It looks like I have some kind of a “phantom”, or “headless” account. Can you help?

Dashboard admin accounts do not appear in the Users list in the tenant. The Users list is only for users of your clients/connections, rather than for dashboard administrators. You can see a list of dashboard administrators from:

Account Settings > Dashboard Admins

https://manage.auth0.com/#/account/admins.

As for seeing the Organization name, can you confirm if you are an administrator of multiple tenants?

I do see my login in the dashboard admins, and I see that I’m a dashboard admin for two tenants (prod and staging). So my two main questions are:

  1. How can I change my password?
  2. How can I add myself in the users list so that I can do things like setting app_metadata for example?

I do see my login in the dashboard admins, and I see that I’m a dashboard admin for two tenants (prod and staging). So my two main questions are:

  1. How can I change my password?
  2. How can I add myself in the users list so that I can do things like setting app_metadata for example?

@christian.rondeau To change your dashboard admin password, you need to trigger the password reset via Lock, where you usually sign in to Auth0. To clarify:

  • Dashboard admins are not ‘Users’ of your tenant - they are instead users of the Auth0 tenant. Hence, they do not show up in your tenant’s Users list.
  • Also, because of the above, there is no way to set app_metadata for a Dashboard admin.

Can you please describe what you are trying to achieve in more detail (e.g. why you need to set app_metadata for a dashboard admin user).

Ok, so to change my auth0 “dashboard admin” password, I need to log out and select “Forgot my password”? Thanks, that’s what I did and it works… but I’d have to make a feature request: at least add a “Change Password” somewhere that redirects to the “Forgot Password” screen…

As for the tenant users, I understand what you mean, and it makes sense. For anyone trying to do the same thing, it seems using your auth0 login for an auth0 tenant is only possible through some (documented) hoops: Connect to OpenID Connect Identity Provider

Thanks!

Glad to hear it worked. For your feature request, where do you suggest adding the “Change Password”? In the Dashboard > Account settings > Dashboard admins list?

Thanks for asking! In a perfect world, under the top-right user menu in manage.auth0.com, there would be a “Your Account” or “Profile Settings” with only settings specific to the current login (what you now see in Account Settings, Account, General, Your Profile), and a “Change Password” link.

Otherwise, in Account Settings, Account, General, Your Profile I can already see my name (that I cannot change…) and the “database” provider (which I cannot access), so there could be a link there.

This being said, having the ability to actually manage my profile would be expected.

Got it - a few questions this raises:

  1. If the dashboard admin is already logged in, they haven’t forgotten their password. Hence, the reason for changing a password would be limited to something along the lines of the password being leaked, etc.
  2. Passwords can only be changed if the dashboard admin logs in using username/password. If they signed in using a social provider (e.g Google, GitHub), the password needs to be changed in the identity provider.
  3. What aspects of the profile would you need to manage - can you elaborate on a scenario or use case?
  1. The goal is to “change” the password, but there is no actual way to do so other than logging out and “resetting” the password. So knowing software development is hard, at least allowing logged-in users to “reset” (change) their passwords would avoid hair tearing.
  2. Well, yes. I don’t expect “change password” to show up if my password is not hosted by Auth0.
  3. I cannot change my email, my “nickname” or anything you currently store. I would expect to have control over any piece of data you host about me.
2 Likes