History of revisions on Root Attributes

Hi there,

Is there a way to retrieve old Root attributes that could have been modified ? I am thinking about a user that changes his phone_number or nickname, can i retrieve the old ones somehow ?

If not, should i just move the current values to user_metadata before updating ?

Hi @Singtah,

I believe the only option here would be to go through your tenant logs. You’ll want to export your logs to a 3rd party service since Auth0 maintains at the most 30 days of logs. There’s no ‘journaling’ or change history capability at the moment as far as I know.

Hi @markd

Thank you for your answer. That could be a possibility, i will have to take a look a the logs.

My goal is to keep track of every state a user account could take (during registrations and then after further updates like phone, address…)
The easiest way is to have a different uuid for every state that the user account takes and keep, as you suggested, the logs for the data with a reference to that uuid

Is it the only way of keeping records for user account states ?

Thank you for your suggestions

If by “keeping records for user account states” you mean keeping a history / changelog then there is no way to do that natively within Auth0. I would suggest submitting feedback / a feature request. If not a native changelog / journaling feature, maybe Auth0 can add an “on profile update” hook that would allow you to implement something yourself.

Hi @markd
Yes, that’s what i need : keep history of the user profile data. I will submit a feature request
Last question regarding a closed post (did not respond fast enough here) : Magic Link security
Are you able to provide the parameters that are held in the state .

Even though my question is about the security of the magic link, the idea is also the same here : i would like to keep a record of the parameters that were send in the transaction.

Thank you for your help

I’m afraid I don’t know what parameters, if any, are held in the state value for a magic link.

How do you make sure the link is opened in the same browser then ?

I’m not familiar with the technical details. It may be that the state parameter is stored in a signed cookie locally (this is how state is handled in other scenarios), but I am not certain.

Thank you @markd,

Do you know where i could that information ?

If it’s not in the docs, you’ll need to ask Auth0. I’d suggest opening a ticket.