Block user from a particular organization

Hi Auth0 family,

I’ve been working with auth0 for more than a year now, and so far I love it with a few buts here and there. Organizations feature in particular is a lifesaver and I love it, but there’s still some stuff that could be done.

This time I am particularly looking for something that might have slipped in imo. When you’re retrieving the members of an organization you get with it a blocked property as when you fetch a particular user. So far so good with that.

This issue comes when you block a user using the update user PATCH /api/v2/users/{id} method from the management API.

When you do this and retrieve the user using the GET from /api/v2/users/{id} you get the blocked status to either true or false, but when using the GET from /api/v2/organizations/{id}/members you always get the blocked property set to null.

Our workaround at the moment is to fetch the users from the organization and then get the users’ information using the query engine, as you imagine this is a pretty time and resource consuming operation, and we have to do it just for that blocked property.

So I wonder if this is intentional if so I think there should be a blocked user from organization method or set it to the current status of the user inside of auth0 which I think in some cases might be fine.

But in our case(and probably other’s people cases) would be great to have the option to block it from the organization, not delete it completely from the organization since the property is already there.

If more info is needed, please let me know

Thanks a lot and keep up the amazing work you guys do

1 Like

Hi @osauceda,

As far as I can tell, there’s no mention of blocking in the response of this API (which is why you might see it as “null” on your end) - which explains why you need to query the user from GET /users to get the Blocked status. If there was a Blocked status specific to orgs, I suppose it would be part of the response.

Therefore as I see it, this is by design. However, if what you’re asking is a “block user for a specific org” feature, you’re welcome to open a feature request on the feedback section or on our feedback form.

This is the sample response from the docs:

[
  {
    "user_id": "",
    "picture": "",
    "name": "",
    "email": "john.doe@gmail.com"
  }
]