Hi. I am an ICT Manager for a charity in the EU.
We use Auth0 with one of our apps to help support community outreach. As a charity, we have been using the free tier. We do use it fairly heavily (as in a lot of users, mostly volunteers.)
We have recently been seeing an issue where we are seeing permissions being removed from users without any intervention or changes on our part. There is no clear pattern to when or why this is happening, which makes it difficult to identify the root cause. This issue is preventing users from logging into applications, and we currently have no way of monitoring or tracking when these permissions are being altered.
It doesn’t matter if new user or one who has been in the system for a while.
Has anyone seen anything like this before?
Cheers, all.
Hi @ICTManager
Welcome to the Auth0 Community!
It does seem to be a weird behaviour that could have a multiple possible causes. Allow me to share some ideas and things to check in order to pin point the issue:
- the use of RBAC feature is not included on a free tenant as per our Pricing page and it could be the source of the observed instability on your tenant;
- exceeding the MAU quota or hitting rate limits; you can check your monthly quota on the Support site → Reports → Quota Utilization;
- hitting API rate limits which can affect user authentication when there are large numbers of frequent users or custom scripts making Management API calls.
We would recommend checking your tenant logs in the first place for any logs that stand out and also you can filter for type:sapi which would indicate calls to the Management API. The Quota Utilization might also uncover potential issues and any additional information you find can be an indication of the root issue.
Let us know if anything stands out!
Best regards,
Gerald