Auth0 Home Blog Docs

auth0 custom database api fields

management-api
custom-database

#1

I want to sign a user up with additional metadata, but I don’t want that data stored on auth0.

For example

email: some_email
password: xyz123
country_of_residence: UK - this is additional meta data

I am using a custom database connection to my database. I can get the custom database create/login script to work and I can save the data to my database using the user_metadata which comes through on my create script. The problem I am having is the data gets saved to auth0 as well. It seems like user_metadata is automatically saved.

I have done a lot of research and there doesn’t seem to be another way to do this (create the user with meta data, but not save that data on auth0). What is the proper way to save meta data for custom databases when signing up a user? It almost feels like you guys are missing a custom_database_metadata option to pass data.


#2

I might be missing something, but is there a strong reason to not consider creating the users directly against your underlying store. The custom database supports user creation brokered through the Auth0 API, but it’s not technically required and for full control you can create the user in your store first.

The above would mean the user would only be available/visible to Auth0 at first login because that’s when the login script would be executed which would then store the returned user data as part of the Auth0 user profile. Given you can control the data returned by the login script this would allow you to not return any data that is associated to the user in your store, but that you don’t want to make it available at the Auth0 user profile.


#3

I am not really following why the user would only be available on the first login. Surely users would log in multiple times and the data would be refreshed.


#4

If you create the user directly at your store then Auth0 will not know it was created or that it exists until the first operation that goes through Auth0 and targets that user; that operation is usually the login one. What I was trying to say was that the user would only have an Auth0 user profile after that first operation/login.


#5