Mass update user emails in auth0 connection

Problem statement

Error “Cannot update email for this user” thrown when attempting to change user email addresses via the Management API.

Steps to reproduce

Attempt to change the email address for a user who resides on an enterprise connection such as SAML.

Cause

Users on an enterprise connection are based on the response from an upstream IdP. Auth0 is not in control of the user’s profile.

Solution

This is not supported as these are external users and Auth0 uses the profile sent by the SAML IdP. By default, enterprise connections sync the profile attributes with what the IdP returns each time the user logs in.

If you want to add additional data to users on Enterprise or Social connections without making changes on the upstream IdP, you can store them in the user’s metadata and not perform any mapping to metadata in the connection settings.