Auth0 Home Blog Docs

User signup

signup
management-api
user-creation

#1

I’m working on an RSS reader and want to use Auth0 for my user management. I want to make sure that logged in users are only able to see their own data. I think I know how to implement this (check the “sub” field on the access token and look for it in my resource server database).

How would I handle user signup this way? Would I have to write a script that pings Auth0’s managment API to grab the auth0 userID and write it to my resource server database everytime a user signs up? What’s the right way to do this?


#2

a1Learner,

The beauty of JWT tokens and Auth0 is the ability to amend user_data and app_data to Auth0 users. Or, custom properties that are attached to the Auth0 users.

Just one of many ways is that you can store the GUID of the resource/user in the Auth0 user as app_data. When you get the JWT token you can look at the app_data and know what it relates to on your resource server.

When you get the token you only need to verify the token. If you stored your GUID as app_
data when you created the user you will get it back in the profile each time they login.


#3

Thanks michael,
Would you be willing to point me towards the part of the documentation that explains how to edit app_metadata and user_metadata programmatically? I’m having trouble finding it. I’m using React for my front end and python for my backend if that is relevant


#4

You can use a Post User Registration Hook to do the necessary operation on your database. The Hook will have the user_id attribute, hence wouldn’t require you to make a call to the Management API. Read the Hooks documentation for more info:

https://auth0.com/docs/hooks/extensibility-points/post-user-registration


#5