Hi,
One of our tenants has a single user who is stuck in the query index for at least a couple days now.
To clarify,
- The user-account was deleted somewhere last week, probably 24th of March.
Past Friday, 27th of March, we’ve tried a couple more deletes
- The good parts, the immediate API REST endpoints can’t find the user anymore.
That user is also not able to login anymore
- The bad part, that users is still in the query resuts from
/api/v2/users.
It has been stuck in that index for close a week a now.
It’s only a single user that is leaked like that. Other create/update/delete do propagate correctly.
It smells a bit like a bug. It’s not easy to find more info on how that issue happened, but I can dig deeper if there specific questions.
Nonetheless is there a way to vacuum that query index?
Hi @pieter.vandercammen
Welcome to the Auth0 Community!
Thank you for providing all the details on this matter! After doing some research, the behaviour that you are seeing does rarely occur with search queries with user-defined attributes under the /api/v2/users endpoint, which should be the result of timeouts. I am uncertain why the data remains consistently wrong fro about three days as you’ve mentioned, but can you please perform the search using the following endpoints and let us know if the deleted user still appears:
The above endpoints are known as immediately consistent and searches using these endpoints reflect the results of all successful write operations. I can recommend our documentation on User Search Best Practices which outlines some useful tips to overcome such data irregularities.
Let us know if the user still appears when running the search through the mentioned endpoints. If that is the case, please let us know:
- was the user deleted manually from the Dashboard, or via the Management API?
- was the user Auth0 sourced, or was it external ( either a Social user or brought from an external directory)?
Best regards,
Gerald
Hi,
That deleted user is indeed not available from /v2/users/{id} or /v2/users-by-email .
It’s mostly Welcome to Auth0 Docs - Auth0 Docs where the user is ‘stuck’. It’s shouldn’t be critical, just mostly a bit odd to leak the account in there.
For more info,
- The user was first deleted from the Management API.
- It’s an Auth0 sourced user. Created via the Management API into the ‘Username-Password-Authentication’ database.
Hope that helps,
Pieter
Hi,
A small update, the ghost user is still trapped in that search index. That account is only found from querying /api/v2/users?q=… but not with /v2/users-by-email
Regards,
Pieter