Hi,
We’ve created a web application and add it in auth0 as a regular web application.
Users can connect with a “Username-Password-Authentication”.
Next we’ve created an API “proxy” to manage auth0 users. We’ve added this API in auth0 as a “machine-to-machine” API. Of course this API is not using connection “Username-Password-Authentication”.
Now when we try to add a new user that will access to our web app we get an error “connection is disabled (client_id: XXXXXX - connection: Username-Password-Authentication)”.
If we enable the connection “Username-Password-Authentication” it works but we don’t want to give access to users to this API.
What is the problem? What should we do?
Hi @bpfefferkorn,
Welcome to the Auth0 Community!
Can you share with us how you are trying to add new users?
Hi,
We’re using a POST request on this API endpoint : https://[tenant-url]/api/v2/users
Body is the following :
{
"email": "user@email.com",
"user_metadata": {},
"blocked": false,
"email_verified": false,
"app_metadata": {},
"given_name": "John",
"family_name": "Doe",
"name": "John Doe",
"nickname": "Johnny",
"connection": "Username-Password-Authentication",
"password": "my_password",
"verify_email": false
}
This error is expected if you are creating users this way.
The /dbconnection/signup endpoint should allow you to do what you are trying to do here.
Thanks for your answer.
But the problem we now encouter is a “public signup is disabled” error.
This is indeed what we want: users should not be given the option to signup themself.
Are you using the same application credentials (client_id, client secret) for your web app and M2M app/API?
No, these are independent applications with each their own credentials
And you are unable to use your M2M app to create new users?
I think I’m confused by this statement:
How would users access this API? How do your users have access to this M2M app?