Hi Auth0 Fam,
With my current implementation of Auth0 it’s using the users email as their username & firstname. Works great but not the best solution as it makes my community users emails public.
I can’t figure out how to fix this, might anyone be able to point me in the right direction?
Stay awesome!
Hello @alexvo2,
Welcome to the Community!
The root level username and given_name attributes can be edited, so you will be able to change them.
To fix the problem on the front end, you need to make sure you are mapping the correct values in at account creation time. Otherwise Auth0 will use the email address, or variations of the email address, for fields like the name and nickname. Have a look at the “body sample” for the create user call.
For existing users, if you can create some logic for updating existing values, you can create a rule to update users as they log in.
Hey Mark -
Was curious if you could elaborate on this solution. We currently have this issue (where firstname is overridden by email address in WP), and were curious if there was a way to prevent Auth0 from doing this. Or perhaps by asking for user first name on sign up in Auth0?
Hello @Erica,
Welcome to the Community!
The first thing to note is that this is based mainly on “database” users. Enterprise login and social login will be a bit different.
Also not that you can change these fields after the user is signed up. So if you want to keep registration simple, you can leave these out up front, and have the user fill in the details later.
That said, the only way to prevent this behaviour is to provide the data up front. Root level fields like nickname are standard OpenID Connect claims and I suspect Auth0 is trying to fill those in as best it can based on the data it has at hand. E.g., if I create a user using:
{
"app_metadata": {},
"connection": "Username-Password-Authentication",
"email": "shepard@sr2.ca",
"password": "${A_PASSWORD}",
"user_metadata": {}
}
The resulting using user has a nickname, even though I did not specify one:
{
"created_at": "2020-12-14T20:54:08.888Z",
"email": "shepard@sr2.ca",
"email_verified": false,
"identities": [
{
"connection": "Username-Password-Authentication",
"user_id": "5fd7d0f091a780006f20c283",
"provider": "auth0",
"isSocial": false
}
],
"name": "shepard@sr2.ca",
"nickname": "shepard",
"picture": "https://s.gravatar.com/avatar/328ed7181b0dcfdf2b114080c20ed6fe?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fsh.png",
"updated_at": "2020-12-14T20:54:08.888Z",
"user_id": "auth0|5fd7d0f091a780006f20c283",
"user_metadata": {},
"blocked_for": [],
"guardian_authenticators": []
}
So one solution is to provide the details when the user is created:
{
"app_metadata": {},
"connection": "Username-Password-Authentication",
"email": "liara@sr2.ca",
"family_name": "T'Soni",
"given_name": "Liara",
"name": "Liara T'Soni",
"nickname": "Liara",
"password": "${ANOTHER_PASSWORD}",
"user_id": "ee90811f-9f95-44f4-9b92-8a2dcb9b5bed",
"user_metadata": {}
}
Resulting in:
{
"created_at": "2020-12-14T20:54:30.585Z",
"email": "liara@sr2.ca",
"email_verified": false,
"family_name": "T'Soni",
"given_name": "Liara",
"identities": [
{
"connection": "Username-Password-Authentication",
"user_id": "ee90811f-9f95-44f4-9b92-8a2dcb9b5bed",
"provider": "auth0",
"isSocial": false
}
],
"name": "Liara T'Soni",
"nickname": "Liara",
"picture": "https://s.gravatar.com/avatar/cb8f7e1bd1a0e014808fea2a5ee7d704?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Flt.png",
"updated_at": "2020-12-14T20:54:30.585Z",
"user_id": "auth0|ee90811f-9f95-44f4-9b92-8a2dcb9b5bed",
"user_metadata": {},
"blocked_for": [],
"guardian_authenticators": []
}
Ok, first off - Best example names ever. (Huge Garrus fan myself :D)
I think I found my way to that same conclusion - and I was having a go at adding the additionalSignUpFields in JSON in the Auth0 Advance settings of the WP plugin, but still wasn’t getting the new fields to pop up.
I added:
{
“additionalSignUpFields”: {
“name”: “name”,
“storage”: “root”,
“placeholder”: “your full name”
}
}
Perhaps there is something wrong with the JSON I am adding to make those fields appear in the signup page?
This is not my area of expertise (I am not a dev) but I’ll give it a go … where are you adding the additionalSignUpFields? They work for me as long as I add them to the var lock = new Auth0Lock() clause. The documentation makes it look like it should be a separate clause
var options = {
additionalSignUpFields: [{
name: "name",
storage: "root"
}]
};
which, maybe it should, but this is what works for me:
var lock = new Auth0Lock(config.clientID, config.auth0Domain, {
auth: {
redirectUrl: config.callbackURL,
.
.
.
additionalSignUpFields: [{
name: "Name",
placeholder: "Name",
storage: "root"
}]
});
{
"created_at": "2020-12-14T23:39:28.954Z",
"email": "calibrate@sr2.ca",
"email_verified": false,
"identities": [
{
"user_id": "5fd7f7b0183c5800765a0278",
"provider": "auth0",
"connection": "Username-Password-Authentication",
"isSocial": false
}
],
"name": "Garrus V",
"nickname": "calibrate",
"picture": "https://s.gravatar.com/avatar/2227e391201eed072decda8a64ebee71?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fgv.png",
"updated_at": "2020-12-14T23:39:30.151Z",
"user_id": "auth0|5fd7f7b0183c5800765a0278",
"user_metadata": {},
"app_metadata": {
"uuid": "e71ad3c0-4663-4d81-b45d-73c05fe252c0"
},
"last_ip": "198.84.135.136",
"last_login": "2020-12-14T23:39:29.818Z",
"logins_count": 1,
"blocked_for": [],
"guardian_authenticators": []
}
Kinda-sorta a huge Mass Effect fanboi over here … 
where are you adding the
additionalSignUpFields?
In WordPress, there is a plugin for Auth0. In the Settings > Embedded, there is a field called “Extra Settings” that says “Valid JSON for Lock options configuration; will override all options set elsewhere. See options and examples.”
One would think that means if I enter valid JSON, it would look just like the example you used (in Javascript)… Alas… It does not!
Any other Wordpress Plugin experienced folks solve this problem before?
Digging a bit deeper - it seems our WordPress is not picking up the Auth0 Lock configurations we set in our Auth0 Plugin.
After doing some edits - it appears because we are using the Universal Log In page. Which it appears the Auth0 plugin options do not override.
Do you know where I can make these same changes on the universal login page?
Heh - nevermind! Did more digging, and found I can manage that in my auth0 account!
My name is Commander Erica and this is my favorite community in the citadel!
Teamwork makes the dreamwork!
Hi, I am facing a similar problem though in a different context.
I have an invite-based system of adding users, and I am manually adding users via the User Management tab’s Create User function. I am setting up the username of the user and filling out all the necessary details. I have added a Rule which attached the username and email to the JWT so that I can store the data to my app’s own DB in case there is a new entry.
function (user, context, callback) {
// Add Email claim to the access_token
context.accessToken.custom_email = user.email;
context.accessToken.name = user.nickname;
// test
context.accessToken['https://link-backend.email'] = user.email;
context.accessToken['https://link-backend.name'] = user.nickname;
return callback(null, user, context);
}
For some reason, the JWT keeps sending the <string>@email.com part as the user.nickname as value. but the same assigns the value of username to the nickname function if I signup from the signup window of auth0.
Ex: (from signup)
username: deneuve
email: deneuve123@email.com
password: **
The nickname value then assigned is as deneuve.
But If I do the manual registration from the way mentioned in the question the user.nickname is returned as deneuve123.
I want to be able to assign the username value to the ‘user.nickname’ while registering manually from the Create User option.
I am hoping, I am doing it correctly. If the team could help me with this? it would be really helpful!
Thanks!
Hi Erica!
Can you please point me in the right direction where to do that in the Auth0 account?
I’m using the Wordpress plugin with ULP and haven’t found the way to change the settings so that the name is not the email.
Thanks in advance