2 issues I am seeing:
1st
/api/v2/users does not respect include_fields=false. Looking at the docs it should respect false.
Example GET request:
{{auth0domain}}/api/v2/users?search_engine=v3&q=email:{my-users-email}&fields=nickname,picture&fields_include=false
Response:
[
{
"nickname": "{my-users-nickname}",
"picture": "https://s.gravatar.com/avatar/ffe93983af1ad59b7cbf78e75b4b46c0?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fda.png"
}
]
It appears it is always treating my fields as include_fields=true.
2nd
/api/v2/users-by-email does not allow the field last_password_reset. Looking at the docs it doesn’t say anything about not being able to filter based on last_password_reset.
Example GET request:
{{auth0domain}}/api/v2/users-by-email?email=clark.kent@global.com&include_fields=true&fields=nickname,picture,last_password_reset
Response:
{
"statusCode": 400,
"error": "Bad Request",
"message": "Query validation error: 'String 'nickname,picture,last_password_reset' does not match pattern. Must be a comma separated list of the following values: phone_number,email,email_verified,picture,username,user_id,name,nickname,created_at,identities,app_metadata,user_metadata,last_ip,last_login,logins_count,updated_at,blocked,family_name,given_name' on property fields (Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields).",
"errorCode": "invalid_query_string"
}
Is there a reason last_password_reset can’t be in the fields property? If I don’t have a fields query param, the last_password_reset value returns just fine with the entire user object.
Question/Bug
These bugs/behaviors are making it so I cannot use the fields param and always have to request the entire user object (which isn’t a deal breaker, just kind of annoying). If I am doing something incorrectly, please let me know and I can adjust. But it seems like these are bugs.