Unable to Construct Login User Due to Invalid User ID in Action

Overview

This article explains the cause of an error that occurs within an Auth0 Action when the api.authentication.setPrimaryUser() method is called. This issue prevents the proper construction of the login user, which leads to authentication failures. The following error is generated:

Unable to construct login user

Applies To

  • Auth0 Actions

Cause

The error occurs because the api.authentication.setPrimaryUser() method requires a valid user ID from a primary identity, which must include its strategy prefix (e.g., auth0|1234abc).

The method fails if the provided user ID is incomplete (e.g., "1234abc" without the prefix) or if the ID corresponds to a secondary identity instead of an established primary user profile.

Solution

To resolve this error, ensure the api.authentication.setPrimaryUser() method is called with a valid and complete user ID.

  1. Provide the full user ID of a primary identity to the api.authentication.setPrimaryUser() method, including the strategy prefix.
  2. Verify the user_id corresponds to an actual primary user profile and not a secondary identity.

This situation can be common in demo applications where it is necessary to link several email addresses to one demo account’s User ID (Universally Unique Identifier (UUID)) to ensure all logins use that single demo account. Review and adapt the following code sample for the specific use case:

exports.onExecutePostLogin = async (event, api) => {
  const demoUserId = "auth0|123abc";
  if (event.client.name == "DemoApp") {
    await api.authentication.setPrimaryUser(demoUserId);
  }
};