Using the Management API in Actions

stephanie.chamblee · June 23, 2021, 4:40pm

Last Updated: Dec 20, 2024

Overview

This article details how to call the Management API in Actions.

Applies To

Management API
Actions

Solution

Please see the below video.

There are plans to expand functionality in Actions even more in the future. Currently, the only built-in method for using the Management API from within Actions is for updating user metadata. Use the api object to update user metadata in a pre-user-registration 27 or post-login action 50:

api.user.setUserMetadata(name, value)
api.user.setAppMetadata(name, value)

If using the Management API for something other than updating metadata, create and authorize a machine-to-machine application 54 for the Action (see steps below).

NOTE:

As mentioned in the Actions Limitations docs, calls made to the Auth0 Management API and User Metadata updates are rate limited, so please limit the usage of management API in actions to as minimum as possible. See Limit calls to the Management API.
For making updates to the user, it’s recommended not to use a post-user-registration action. Instead, consider using a post-login action (FAQ).

Steps for using the Management API in a custom Action:

Create a Machine-Machine Application for the Action:

rtaImage (23).jpeg560×500 24.5 KB
Authorize it to use the Management API with the required scopes:

rtaImage (24).jpeg647×500 24.1 KB
Store the application’s credentials in the Action’s event.secrets object:
Find the domain, client ID, and client secret in the application settings of the app created in step 1.

rtaImage (25).jpeg690×387 38.4 KB
Add the auth0 npm module:

rtaImage (26).jpeg690×325 35.3 KB
Initialize and use the Management API in the Action:
This post-login Action example adds a default role to the user when they first log in.

exports.onExecutePostLogin = async (event, api) => {
  if (event.stats.logins_count !== 1) {
    return;
  }

  const ManagementClient = require('auth0').ManagementClient;

  const management = new ManagementClient({
      domain: event.secrets.domain,
      clientId: event.secrets.clientId,
      clientSecret: event.secrets.clientSecret,
  });

  const params =  { id : event.user.user_id};
  const data = { "roles" : ["ROLE_ID"]};

  try {
    const res = await management.users.assignRoles(params, data)
  } catch (e) {
    console.log(e)
    // Handle error
  }
};

Related References

How to Use the Management API Auth0 Actions Community Post

Topic		Replies	Views
Using the management API in flow actions Help auth0 , actions	6	8090	April 24, 2021
setAppMetadata changes in post-login hook not persisted when calling api.access.deny Knowledge Articles post-login , setappmetadata , api-access-deny	1	1045	May 10, 2023
Custom Workaround to Account Linking with Action Knowledge Articles	1	611	October 3, 2023
Management API in actions Help actions	4	4957	October 11, 2021
ManagementClient and secrets with cli deployment Help management-api , actions-management-api	6	1190	April 26, 2024