First time usage React with Spring Boot

I am first time user of auth0. I was able to create end to end flow between react front end and spring boot api by creating application and then API.

However few queries:

  1. How do i enrich metadata for user from spring boot, to update say payment plan ?
  2. I am currently using access token received from front end to call management api to get user info ?
  3. What is best way to save userID received during login process from backend spring boot services ?

This is my first time, so need to know if auth0 is secured enough, and above mechanism are secured too with jwt ?

Hi @cycoraxdev,

Welcome to the Auth0 Community!

You will want to request a management API token in your backend application and update the user via the management API.

The token you get is intended for the /userinfo endpoint. You could also use an ID token.

You can get the user id from the token via the sub claim.

1 Like

Thanks Dan. So we should always use Management Token to Update User or its metadata from backend ?

So when user logins once, we should call saveUser on our backend with access token and extract sub claim and save it you meant ? How to identify if it first time user registration ?

It is possible to update the user_metadata from the frontend with a SPA management API token, but you will not be able to update the user’s app_metadata from frontend app.

If the the specific sub claim does not exist in your user db then you can assume it’s a new user. Make sure you are validate the token is a signed token from Auth0.