Does updating a user through the API require a re-authentication


We are finding that when a user’s details are updated through the Management API, that subsequent silent calls to get an access token fail, and a login is required. I can see that there are events in the logs for email change.

Is this expected behaviour? I suspect that the email change might be related. Is it only an update to the email address which would have this effect?


Hi @JonHarvey,

I know that password changes invalidate the session, but haven’t heard of other changes like metadata etc requiring a reauthentication.

Hope this helps,

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.