Provision users from Enterprise Connection

The year is 2023, is there still no way in Auth0 to provision users from an Enterprise Connection such as an Azure Active Directory? All I can find are “solutions” where the user always has to login to the application first so that it gets created in Auth0, after which an admin can assign roles.

I’ve tried:

  • Creating the user through the Management API with the enterprise connection details, but that isn’t allowed.
  • Creating a username password user through the API and assign roles there. Then, once the user logs in through the enterprise connection and gets created again in auth0, Link/merge both accounts with the Management API. Unfortunately the role assignments are not transferred from the secondary to the primary account.

I would really like to be able to create/provision a user and assign roles without having the user sign in first. Is this possible?