How to retrieve roles and user list with 700 roles and 2000-5000 users (Management API)

Hi,

We are building a UI where our users can assign and remove specific roles from existing users, if they have the respective roles / permissions to do so. For this, we need to get a list of all users with their respective roles. We have about 700 roles, and 2000-5000 users.

Getting the users and getting the roles is no problem. However, getting the assignment between the users/roles is. I know these two options to get the user/role assignments:

https://auth0.com/docs/api/management/v2/roles/get-role-user
https://auth0.com/docs/api/management/v2/users/get-user-roles

Using the first api, we need to make 700 requests (at least one for each of the 700 roles, excluding pagination).
Using the second api, we need to make 5000 requests (at least one for each of the 5000 users, excluding pagination).

So both approaches seem problematic to me. I also noticed the solution to store the roles additionally in the users metadata. This would work, but the info would possibly be outdated, which would be problematic (this combined users/roles view is also used to audit which user has access to which functionalities => it must be correct / up-to-date).

Do you have a suggestion how to solve this properly? Is there another api, or perhaps an export for this? What we need ist something like a ‘roles’ field for the getUsers api, or a ‘userIds’ field for the getRoles api.

Similar threads (both closed):

Thanks,
Lukas

Hi @lukaselmer

Welcome to the Auth0 Community!

Thank you for posting your question. Currently, via the Management API, you are able to call the GET /API/v2/organizations/{id}/members to fetch all members that belong to an organization with their roles → Auth0 Management API v2.

I hope this will answer your question.

Thanks
Dawid

Hi Dawid,

Thank you for your reply.

We don’t have any organizations. So we would need to create an organization, and add all users to this organization, to get the users with the roles. Is there also an option so we don’t have to add all users to this organization?

Thanks, Lukas