Given that you will need to perform such actions from your backed you would need to get an access token to call your API (Auth0 React SDK Quickstarts: Call an API). In that access token the user identifier will be available so that your backend can know who is the authenticated user associated with this call.