Nextjs-auth0: How to read and create app_metadata

I have a NextJs application using the @auth0/nextjs-auth0 library. I am trying to store some metadata within user’s profile ( e.g. app_metadata : { id: 123} ) with an axios call. How can I get the management_api_key?

I have manually put some metadata using the dashboard → User Management → Users → Metadata. And I have set a AUTH0_SCOPE=‘openid email profile read:current_user’ in my .env.local within my NextJs project. However when i console log the “user” using the useUser hook, I cannot see the user_metadata.

So how can I create and read user metadata in my NextJs application? Thank you <3

Hi @fnl,

Welcome to the Auth0 Community!

There are a couple of options when getting an Access Token for the Management API.

  1. You could request an Access Token for the Management API by using a Machine-to-Machine application to perform a Client Credentials grant flow.


  1. Using the Auth0 Node.js Library to automatically get Access tokens for the Management API using the ManagementClient class.

Once you have obtained the token, you can call the Management API’s Get a User endpoint to read the user’s app_metadata.

Please see our Get Management API Access Tokens for Production documentation on getting an Access Token for the Management API.

Hoped this helps!

Please let me know if you have any further questions.

Thank you.

1 Like

I am sorry, I am still very new to this. Would you be able to give me some more instruction please? Which method, out of those two, do you recommend more? Also am I supposed to fetch the access token within my NextJs app under pages/api/auth, or I should be setting up a backend route and call that api from the front end?

I have also read a post (Yes, you can update user metadata with Next.js + Auth0 — build it nice) saying I should put the below code within the pages/api/auth/[…auth0].ts. The post mentioned for some reason the scope is not read, therefore the code snippet in below is required

export default handleAuth({
  async login(req, res) {
    try {
      await handleLogin(req, res, {
        authorizationParams: {
          audience: '',
          scope: 'openid profile email read:current_user_metadata'
    } catch (error: any) {
      res.status(error.status || 400).end(error.message);

instead of just

export default handleAuth();

Thank you for your help

Hi @fnl,

Thank you for your response.

I would suggest option 2, to use the Auth0 Node.js Library to automatically get Access tokens for the Management API.

The former. Using the Auth0 Node.js library, you can make requests to read and create app_metadata without being concerned with getting a token. After instantiating the ManagementClient class, you will automatically have an access token that you can make requests with the Management API.

Lastly, please make sure your audience value matches the Management API identifier found on your Auth0 Dashboard. Generally in the format

Please let me know if there’s anything else I can do to help.

Thank you.