Hi there,
SDK: Auth0-PHP
Version: 7.9
I am currently working on integrating Auth0 into a PHP application. Everything is working quite well so far but I seem to be getting stuck when it comes to updating the user profile.
The user profile gets updated (from an API/backend perspective) no worries at all, but none of the changes are reflected for the current user session. For example, given the following code:
$options = array(
'name' => $name,
'email' => $email,
'email_verified' => false,
'verify_email' => true,
);
$mgmtApi->users()->update($userId, $options);
After the profile has been updated, the output of:
$auth0->getUser()
Is still showing the previous details (before the update). This obviously makes things pretty awkward for the user and makes email verification emails have no visible impact until the user logs out and back in.
From the research I have done I know I am clearly missing something but I am struggling to put the pieces together.
https://auth0.com/docs/api/authentication#get-user-info
States: “To access the most up-to-date values for the email
or custom claims, you must get new tokens. You can log in using silent authentication (where the prompt
parameter for your call to the authorize
endpoint equals none
)”
But I am not sure how I can do that from the SDK. I have tried (taken from other Auth0 documentation):
$authorizeUrl = $auth_api->get_authorize_link(
'code',
getenv('AUTH0_REDIRECT_URI'),
null,
$state_value,
[
// Optional API Audience to get an access token.
'audience' => 'https://' . getenv('AUTH0_DOMAIN') . '/api/v2/',
// Adjust ID token scopes requested.
'scope' => getenv('AUTH0_SCOPE'),
'prompt' => 'none',
]
);
header('Location: '. $authorizeUrl);
exit;
Which still doesn’t seem to do anything.
I know I can call the management API which would work in updating the ‘email’ property but it doesn’t solve updating ‘email_verified’ when a user clicks the verification link.
I would greatly appreciate some help/examples on how others are doing this in their PHP applications.