We have a Custom Database that Import user form Cognito into Auth0. When we try creating a new user in Auth0 in that Custom Database and sending a Change Password Ticket, we receive this error “The user with id (undefined) is not a member of organization with id (org_aaaaaaaaaaaa).” The user is a member of that organization, I can login with that user in that organization with the password set in creation steps.
Doing some test, I find that when I user the connection_id + email in Change Password Payload give me that error. Using only user_id work when that is not working. Can we always use the user_id instead of connection_id + email or some time the user_id will not work.
Where are you trying to generate the password change ticket? Inside the custom database scripts or during an action trigger?
As long as the user is a member of the organization, you should be able to use email + connection_id whenever you are trying to generate a ticket. It appears that in your situation, the user_id does not get passed on. Also, the user_id should be working just as fine, perhaps, for your situation, since you are importing users from Cognito, retrieving the user_id of the newly created user in Auth0 is more suitable.
Otherwise, if you would try creating the password change ticket during a PostUserRegistration action might accomplish your use case in using the email+connection_id.