Invalid query: Syntax error when calling /api/v2/users

I’m testing a way to break my API calls by using emails with special characters, and I’m receiving a 400 error when calling the /api/v2/users call when using the following email:

test+!#$%&’*±/=?^_`{|}~à@email.com

on my API I’m encoding the email using the javascript encodeURIComponent() and results in this encoded email string:

test%2B!%23%24%25%26'*%2B-%2F%3D%3F%5E_%60%7B%7C%7D~%C3%A0%40email.com

the final API url looks like this:
[auth0 URL]./api/v2/users?q=${encodedURIEmail}&search_engine=v3

and this is the response I’m getting:
{ statusCode: 400, error: 'Bad Request', message: 'Invalid query: Syntax Error, cannot parse test+!#$%&\'*+-/=?^_{|}~à@email.com: Lexical error at line 1, column 39. Encountered: after : "/=?^_{|}~\\u00e0@email.com" ' }

the user belongs to an auth0 IdP and that email was created through the create user from the user management section on auth0, so I assume the email was validated before I was able to create it.

is there any reason why the encoded email is triggering this error on the auth0 API?

It looks like this is breaking the free test search. Can you try doing this search instead? (properly URL-encoded):

email:"test+!#$%&'*±/=?^_`{|}~à@email.com"

Fully encoded, you’d have:

https://{your_auth0_domain}/api/v2/users?q=email%3A%22test%2B!%23%24%25%26'*%C2%B1%2F%3D%3F%5E_%60%7B%7C%7D~%C3%A0%40email.com%22

Does that work?

1 Like

yes, that did the trick, should we expect a fix for the free test search?

I don’t see a formal definition for the syntax so it’s hard to say whether this should work or not. I can report it internally, but I’m not sure if this will be addressed.

Hope you are not the person having to type this email address on every login :wink:

Hey @Alex0 . Just checked with the engineering team. We accept a Lucene query syntax there, and that search term alone is not valid. I could not find a BNF grammar definition for the term (see Apache Lucene - Query Parser Syntax), but I’d recommend using the field qualifier (email:) if you expect these types of email addresses.