Import user without password (invitation)


I need to do multiple bulk import to auth0, it can be 50 accounts or 1k accounts, I’m not interested in the password, my idea was to use an invitation flow, I’ll import the user in my db and then I will send a request to the create use endpoint in order to create the user in auth0:

after create it I’ll create a change password ticket:

my doubt is, will I have rate-limit issue? is there a better way to achieve this?

many thanks

Hi @francesco.venica,

I understand that you have concerns regarding Auth0 API endpoint rate limits.

First, I would like to clarify that your suggested flow does not need to use the Management API to create a user after the user has been imported into your Auth0 database connection. Doing so may cause a conflict when creating a user in the same database connection because the user with that email address already exists via your import job.

Next, I noticed that your flow involves user creation and user import. Usually, in cases that involve user creation, I recommend that you invite the new user to sign up instead. This would simplify the flow.

However, if your flow involves user import, then I recommend that you do the following instead:

  1. Bulk import 50-1k users w/o password via Management API’s /post_users_imports endpoint, which you should be okay with rate-limits on the import side of things.
    – Note that there are limits on concurrent import jobs.
  2. Create a change password ticket
    – Using the Authentication API /dbconnections/change_password endpoint, which may hit Authentication API rate limits, or
    – Using the Management API /Tickets/post-password_change endpoint, which may hit the Management API rate limits.

Keep in mind that rate limits depend on the type of tenant that you have. Therefore, if you must make more requests to the API, you may need to consider a subscription with us.

I hope this answers your questions about rate limits. Please let me know if you have any questions. I would be happy to help.


many thanks, it seems I have all the info now, about the db I’m sorry, I didn’t explain well, when I say imported in the db I meant in the db of my app, I’m not saving the psw, only emails and other info but this is not related to ipmort user in auth0…

I didn’t know about the post_users_imports but that is making all more simple, the flow will be:

  • import with /post_user_imports
  • reset password with /dbconnections/change_password

doing this I don’t think I will hit any rate limit as if I understood correctly the limit is 1 req per User Email, IP Address, so sending 1 request per user should be fine (even with 1m of user should be fine)

many thanks

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.