Undocumented validation when updating user email with management api

Using PATCH /api/v2/users/{id} to update just the user’s email address when receiving an email change request in our internal system, I’m getting the following error message on a 400 response:

“Payload validation error: ‘Expected type string but found type null’ on property password (New Password for the user (mandatory for non-SMS connections)).”

…which is not identified as a possible 400 response in the documentation:

For our use case, we do not want to update the user’s password in this scenario. Given that this is undocumented behavior, I’m curious if there are undocumented ways around the problem as well. Does anyone have a solution or work-around for this issue? I can supply additional test data as required.

Hi @jlyle99,

Welcome to the Auth0 Community!

Can you post a code snippet of the exact request you are making (scrubbed of sensitive data)?

Thanks, Dan!

I found the issue myself late in the week:

I thought I was sending this request body:

{
  "email": "john.doe@gmail.com",
  "connection": "XXXXXXX",
  "client_id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
}

But I was in fact sending this:

{
  "email": "john.doe@gmail.com",
  "password": null
  "connection": "XXXXXXX",
  "client_id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
}

…due to a stray commit that mixed up our requests for updating password and email and left both parameters in the body. Some additional logging showed this.

I do think it would be helpful to have the validation response syntax added to the docs, but this problem is resolved.

Glad that you figured it out. Thanks for following up with us!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.