In my front-end application, i’d like to make a simple overview of users with their respective roles. The Management API provides a “list_users” (/api/v2/users) endpoint, but the response data per user doesn’t include the users’ roles.
I have found the following topic on this subject:
The solution provided in this topic involves requesting a different endpoint for each user listed to retrieve its roles. I’m wondering why the API was designed this way. Getting a users’ roles (for every user) would involve a large amount of requests to the " /api/v2/users/{id}/roles"-endpoint, which think is not desireable (lots of traffic). I think adding this attribute to the list_users-endpoint would prevent a lot of traffic to and from auth0 in this case.
What is the best practise in this case? Is there a rule I can add to populate app_metadata with a users’ roles?
That topic you linked is still up to date. You could certainly populate the roles to app_metadata, but this will require the user to log in before it takes effect.
If that is okay, then here are some resources with similar examples of how to implement it: