When you migrate the authentication process over to Auth0, do you only want to allow username/password authentication (Auth0 database connections), or also social connections like Google, Facebook, etc. (now or later on maybe)?
If you only allow database connections, you can consider triggering the initial data setup via an API call from the post-user registration hook. This hook only works with database connections though, not with Social Connection such as Facebook, Google, etc.
Otherwise, if you don’t only use database connections, you can consider a rule and trigger the logic from there; within the rule you can check if it’s the first login of the user, and if so, only then initiate that API call to your end.
Alternatively, don’t use Hook or Rule at all and just trigger the initial data setup once the user is returned and base is on the returned ID Token or Access Token (esp. the
sub claim, which is basically containing the user id; that’s also the value you should use to reference users in your database tables, so that you have a link between your business logic database tables and the Auth0 user store).
Which approach to take also depends on when that data needs to be available, whether it’s time critical for a user to being able to use your app, or whether it can happen asynchronously in the background, etc.
Another point to consider is how to migrate your legacy users that are in your old user database over to Auth0, when you make the switch. You can consider an automatic migration over time, or a bulk import.