Accessing User Profile from Unauthenticated SPA

Hi all,
I’m in the process of constructing a single-page webapp using Angular for my capstone project. The concept is a post-based system which users may browse, authenticated or not. When data is retrieved from my server-side API, each post has an associated user ID which is the same as Auth0’s.
My question is: is it possible to query the Auth0 API from within Angular to retrieve user data for a given post, without having a token for the management API?
From my general understanding, the management API is suited for administrative purposes, so I’m not confident this is the correct path to go down.

Thanks in advance!

Hi @slc2015,

Sounds like a fun project. To call the Management API you will need an access token. I would recommend setting up an endpoint on your server-side API to make the Management API calls, cache the user information at the API layer, and then use it to enrich your responses as they go out from the API.

This example is in C#, but it demonstrates the idea nicely. Notice that I am fetching the user information from a caching layer and then using it to construct my response.

The caching layer is pretty simple; it uses a memory cache to maintain a list of users. It first attempts to pull the user from the cache, if it is not found will hit the API to get the user and add it to the cache.

This really helps with not bumping into the Management API rate limits. You might want to consider enhancing my design by batching your user fetch calls as your application seems to have a set available at once.

Hope that helps!

Bobby

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.