Hi there,
Is there a way to retrieve old Root attributes that could have been modified ? I am thinking about a user that changes his phone_number or nickname, can i retrieve the old ones somehow ?
If not, should i just move the current values to user_metadata before updating ?
Hi @Singtah,
I believe the only option here would be to go through your tenant logs. You’ll want to export your logs to a 3rd party service since Auth0 maintains at the most 30 days of logs. There’s no ‘journaling’ or change history capability at the moment as far as I know.
Hi @markd
Thank you for your answer. That could be a possibility, i will have to take a look a the logs.
My goal is to keep track of every state a user account could take (during registrations and then after further updates like phone, address…)
The easiest way is to have a different uuid for every state that the user account takes and keep, as you suggested, the logs for the data with a reference to that uuid
Is it the only way of keeping records for user account states ?
Thank you for your suggestions
If by “keeping records for user account states” you mean keeping a history / changelog then there is no way to do that natively within Auth0. I would suggest submitting feedback / a feature request. If not a native changelog / journaling feature, maybe Auth0 can add an “on profile update” hook that would allow you to implement something yourself.
Hi @markd
Yes, that’s what i need : keep history of the user profile data. I will submit a feature request
Last question regarding a closed post (did not respond fast enough here) : Magic Link security
Are you able to provide the parameters that are held in the state .
Even though my question is about the security of the magic link, the idea is also the same here : i would like to keep a record of the parameters that were send in the transaction.
Thank you for your help
I’m afraid I don’t know what parameters, if any, are held in the state value for a magic link.
How do you make sure the link is opened in the same browser then ?
I’m not familiar with the technical details. It may be that the state parameter is stored in a signed cookie locally (this is how state is handled in other scenarios), but I am not certain.