I am building a subscription service using stripe and want to update user access from stripes webhook. I set up auth0 actions to create a stripe id and store it in the app metadata of a user. I am now trying to get stripe to talk to auth0 so I can update user roles in a python backend.
Stripes webhook trigger lets you know whenever a subscrition payment has been canceled.
I was going to use that trigger to pull the email from the stripe webhook and update the user role to restrict access for that user. However after reading auth0’s documentation, I found that it is a best practice to not use the email to update a customer.
Is it possible for auth0 management api to identify a user by their app metadata?
@tyf thank you for the response. I was going to set up a database in aws to store both the auth0 userid and stripe id to update the role without storing the pw info. My thinking is that I need a centralized database to keep track of each users stripe id and auth0 id and update it whenever a customer payment gets updated (webhook trigger).
After reading more documentation it looks like I may not need the database to keep trackand could use the auth0 database instead.
could i append the remove role from a user api to "https://{your_domain}/api/v2/users?q=app_metadata.test_metadata:“12345” ?