Auth0 Home Blog Docs

API stopped querying by metadata

metadata
user-metadata
client-metadata
api

#1

Hi,

Just about 4…5 hrs ago our requests stopped getting responses from API

curl -X GET \
  'https://mobile.eu.auth0.com/api/v2/users?q=app_metadata.person_uuid%3Dae98e42d-1.........' \
  -H 'authorization: Bearer eyJ.........'

now we receiving

]

earlier

    {
        "email": ".....@........com",
        "email_verified": true,
        "updated_at": "2016-06-03T15:29:47.314Z",
        "picture": "https://s.gravatar.com/avatar/723d42f66c08........f?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fte.png",
        "user_id": "auth0|56680d2........",
        "name": "......@........com",
        "nickname": "test",
        "identities": 
            {
                "user_id": "56680d210881.........",
                "provider": "auth0",
                "connection": "Username-Password-Authentication",
                "isSocial": false
            }
        ],
        "created_at": "2015-12-09T11:14:41.900Z",
        "last_password_reset": "2015-12-29T08:48:22.106Z",
        "last_ip": "62.68.157.197",
        "last_login": "2016-02-02T18:21:33.277Z",
        "logins_count": 23,
        "app_metadata": {
            "role": "admin",
            "company_id": "3",
            "person_uuid": "ae98e42d........"
        }
    }
]

but there is no issues of getting whole list of users

curl -X GET \
  https://mobile.eu.auth0.com/api/v2/users \
  -H 'authorization: Bearer eyJhbGciOiJIUzI1NiIs.....'

Need to query app_metadata in Delegated Admin Extension
#2

Is that the same issue?
https://status.auth0.com/incidents/71nlbr16j7ng

@jmangelo


#3

Same here.
Two days ago the api was working correctly. Now I can’t fetch uid from app_metadata. Tried a work around to save uid in user_metadata but still not working.

Can anyone help us please?


#4

@jmangelo

issue remains the same, with sms via twilio.
but email works as expected.
we can’t use SMS to authenticate


#5

We’re having problems querying users by metadata as well - no users are being returned (tested with a basic query from the api explorer). Could we please have an update as to when this will be investigated/resolved as it’s affecting live applications

Thanks

Phil


#6

@[all] there are some situations where user search on custom fields will not be available. The incident linked by @dk has additional information behind this. From my understanding all of you are currently experiencing a problem with searches over custom metadata fields (if there’s more than that please confirm) so I’ll try to get more information about this situation and will get back to you.

Also, in future please avoid using the answer box for what should be comments as providing them as answers will reduce visibility of the question itself (removes it from unanswered list)


#7

Same here.
Two days ago the api was working correctly. Now I can’t fetch uid from app_metadata. Tried a work around to save uid in user_metadata but still not working.

Can anyone help us please?


#8

Is that the same issue?
https://status.auth0.com/incidents/71nlbr16j7ng

@jmangelo


#9

@jmangelo

issue remains the same, with sms via twilio.
but email works as expected.
we can’t use SMS to authenticate


#10

We’re having problems querying users by metadata as well - no users are being returned (tested with a basic query from the api explorer). Could we please have an update as to when this will be investigated/resolved as it’s affecting live applications

Thanks

Phil


#11

I’d overlooked some of the information in the issue link - it does explain my scenario and I have emailed the appropriate support team. It wasn’t clear though that this important change was nestled in there - an email warning would have been useful.


#12

I relate to that; I’m trying to understand if there was some constraint that could explain the lack of explicit notification.


#13

The inability to search over custom metadata fields is indeed related to this incident which was already linked and mentioned in the comments. At this time I don’t have any additional information to share besides pointing to the email address available in the linked incident and suggesting that you use it to at least expose your exact situation, in particular, the tenant/domain affected and the use case for which you were using the search over custom metadata fields.


#14

Issue remains unsolved more than a week. If it’s a sole single issue - please, you see our auth0 domain, check the issue. You can easily debug.
If we need to be on paid account, say, if it will fix the issue.


#15

@dk I’m afraid this is not an issue with debugging the situation and it’s also something that I cannot directly change. The restrictions were put in place because some use cases can simply not be supported and as such need to be discussed one on one, hence the recommendation to use that email address to expose your situation. We are trying to accommodate all customers that were already depending on custom user search, but the way they will be using and performing those searches will need to be discussed. Is there any particular reason for not wanting to use the suggested email?


#16

@jmangelo I’m still waiting for a response from them aside from the automated one by the way (31 hours later). Any idea how long it will be?


#17

Dear João,
this email support@bnmg.ru on web (both sms and mail accepted) and +35796046330 on mobile (our mobile apps restricted to accept sms auth0 ids only) — if an email works fine to finalize authentication transaction with no errors, but when sms used - it causes 503 error
please take a look: https://pastebin.com/12cEQ7v5


#18

João, please reply, it’s really hurts.
@jmangelo


#19

I might have missed something, but from that comments you’re describing an issue with authentication and not user search. By default, to my knowledge the authentication pipeline does not require user search so the user search restrictions should not matter. Do you have custom rules that depend on user search? If that’s the case, which is not recommended, then please use that email address I mentioned to expose the situation; you can leave a note here mentioning that you sent the email so I can take a look and ensure the case is reviewed.


#20

Dear João,
Email sent. Please check.