Changing user root attributes

cassio.deon · June 28, 2023, 9:38pm

We are having an issue changing a root attributes that some users have.

Due to the user migration flow that we have in signin, in which we look for legacy bases through the login script and insert in Auth0 if the user exists in any legacy base, some users were inserted with the credential attribute incorrectly in auth0, as the object was not normalized in the login script.

So we have users with root attributes who have data we want to remove. However, the update user API does not accept that root attributes are sent for editing outside the allowed attributes:
Doc (Update Root Attributes for Users).
FAQ (How to Delete User Profile Attributes)

Request:

curl --location --request PATCH 'https://{DOMAIN}/api/v2/users/{PRIMARY_IDENTITY_ID}' \
--header 'authorization: Bearer ' \
--header 'cache-control: no-cache' \
--header 'content-type: application/json' \
--data '{
    "credentials": null
}'

Result:

{
    "statusCode": 400,
    "error": "Bad Request",
    "message": "Payload validation error: 'Additional properties not allowed: credentials (consider storing them in app_metadata or user_metadata. See \"Users Metadata\" in https://auth0.com/docs/api/v2/changes for more details)'.",
    "errorCode": "invalid_body"
}

Therefore, we are unable to remove user data.

What can we do in this case? We would like to remove the credentials attribute from users that were entered in error.

Thanks

rueben.tiow · June 29, 2023, 6:46pm

Hi @cassio.deon,

Welcome to the Auth0 Community!

To the best of my knowledge, it is not possible to update non-root user attributes such as the credentials property that you shared. This is consistent with the error message in the result, stating that the credential attribute is not an allowed property, and suggests storing it in the user’s app_metadata or user_metadata.

With that, could you please confirm how these users were added with the credential attribute incorrectly to Auth0? Was there an issue with your login script?

For now, one way we can handle this scenario is to remove these affected users, fix how the credential property is stored, and consider storing the credential attribute in the user_metadata so you can make updates to it in the future. Then when the user logs in the next time, they will get imported to your custom database connection in Auth0 correctly.

Thanks,
Rueben

system · July 13, 2023, 6:46pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Update User API Field Deletion Not Working With Imported Users Help api	4	3744	August 23, 2019
Updating User Profile Root Attributes Knowledge Articles auth0 , user-profile , user-management , faq	1	5507	December 20, 2019
Unable to PATCH user with app_metadata Help management-api , app_metadata , metadata	10	9583	December 17, 2018
Where to store the users name property Help	4	4972	February 12, 2019
Add username root attribute to a profile Help auth0 , api , username-password-co , username	8	3686	June 16, 2020

Changing user root attributes

Related topics