Management API Client Grants allow current user to update only themselves

Is there a way to allow user to update ONLY themselves, using management api?

Hi @bogdanmihalskiy002,

Welcome to the Auth0 Community!

Yes, when using the Management API v2 update a user endpoint, you could pass the user_id to update for a specific user.

To allow users to update themselves, you could have a scenario where the user logs in, and you use the access token to find the user’s user_id from the sub claim (whom the token refers to). Then you’ll be able to pass that user_id to the Management API when updating the user.

Hoped this helps!

Please let me know if you have any questions.

Thank you.

What i meant was is there a way to generate management api token, with permission to edit only 1 specific user?

Hi @bogdanmihalskiy002,

Unfortunately, you’ll not be able to generate a Management API token with permission to update only one specific user.

The Management API token includes the update:users scope that grants the permission to update any user.

Thank you.

Is there any way to edit user data without Management api or dashboard?

Hi @bogdanmihalskiy002,

No, unfortunately, there isn’t an alternative way to update a user. You will need to use either the Management API or Auth0 Dashboard to update a user.

Please let me know if there’s anything else I can do to help.

Thank you.

Thank you for your help

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.