API to create user with connection of another App

Hi,

We’ve created a web application and added it in auth0 as a regular web application.
Users can connect with a “Username-Password-Authentication”.

Next we’ve created an API “proxy” to manage auth0 users. We’ve added this API in auth0 as a “machine-to-machine” API. Of course this API is not using connection “Username-Password-Authentication”.

Now when we try to add a new user that will access our web app, we get an error “connection is disabled (client_id: XXXXXX - connection: Username-Password-Authentication)”.

If we enable the connection “Username-Password-Authentication”, it works, but we don’t want to give users access to this API.
What is the problem? What should we do?

Hi @bpfefferkorn,

Welcome to the Auth0 Community!

Can you share with us how you are trying to add new users?

Hi,

We’re using a POST request on this API endpoint: https://[tenant-url]/api/v2/users

The body is the following:

{
  "email": "user@email.com",
  "user_metadata": {},
  "blocked": false,
  "email_verified": false,
  "app_metadata": {},
  "given_name": "John",
  "family_name": "Doe",
  "name": "John Doe",
  "nickname": "Johnny",
  "connection": "Username-Password-Authentication",
  "password": "my_password",
  "verify_email": false
}

This error is expected if you are creating users this way.

The /dbconnection/signup endpoint should allow you to do what you are trying to do here.

Thanks for your answer.
But the problem we now encounter is a “public signup is disabled” error.
This is indeed what we want: users should not be given the option to sign up themselves.

Are you using the same application credentials (client_id, client secret) for your web app and M2M app/API?

No, these are independent applications, each with their own credentials.

And you are unable to use your M2M app to create new users?

I think I’m confused by this statement:

How would users access this API? How do your users have access to this M2M app?