We’ve discovered a timing-based consistency issue in the Auth0 Management API. When updating a user’s app_metadata via auth0.v3.management.users.Users.update API, an immediately following fetch of users via auth0.v3.management.users.Users.list call often returns the old data. After a short delay (e.g. 1 second), the fetch of users returns the updated user data as expected.
Reproduction Steps:
- Update any app_metadata property of a user via auth0.v3.management.users.Users.update
- Immediately after the update, fetch all users via auth0.v3.management.users.Users.list
- Observe that the returned user object still contains the old data before the update.
- Wait ~1 second, then repeat the fetch users request. Observe that the user now has the updated data.
To test this further I created a python script to do the update and get all users in a loop for 20 times and following is what I observed:
- With no delay between update and fetch users, the fetch requests return stale data for all 20 iterations.
- After a 1 second delay between update and fetch users, the fetch requests return stale data for 5 iterations and updated data for 15 iterations.
- After a 3 second delay between update and fetch users, the fetch requests return updated data for all 20 iterations.
I am using auth0-python = "==3.14.0" library in my project.
Questions:
- Is this an expected propagation delay, and can this be tuned?
- Are there recommended patterns or headers to force fresh reads?