In my application I have data associated with a user (scores, results etc). The association between application data in by database and auth0 users is done by the ID I receive from the access token.
In one use case my application can display a high score list to the user eg.
Bob 1000pts
Joe 500pts
Robin 450pts
Currently my flow to acheive this result is planned to be as follows:
The Frontend app signs in with Auth0 and retrieves an access token including a UserID
This Accesstoken is passed to my API Backend and the high scores are are queried from the database.
This dataset is a list of UserIds and their associated scores:
ID-asds-asdfas 1000pts
ID-sdfg-werwad 500pts
ID-asdf-asdfasd 450pts
I don’t want to display a highscore list of userIds so my API backend then queries Auth0 to retrieve the usernames associated with the UserIds. This list of username+scores is returned to the Frontend app.
This approach certainly will work. You could also store the usernames in your DB to save the extra call to Auth0. Do you have a specific concern with your existing approach?
The only concern I have is the overhead of calling into the Auth0 API constantly. Your solution of storing the usernames as well would solve that issue. Is there a common pattern of how to synch up my database with the auth0 user database? Data would most likely not be required to be “real time” so perhaps a scheduled task could synch the databases after ever X hours/days
Are you only storing usernames in addition to user IDs? You are responsible for the logic for username changes, and in addition to updating the Auth0 DB, you should update you backend when a user changes username.
If you want to store a copy of the user profile in your DB, you can update your database as you receive ID tokens after a successful authentication. This method could end up causing frequent writes to you DB, be aware of that.