We have an issue where there are multiple users with the same Auth0 ID.
For example, two users share this ID:
user auth0|5cad280a74e02a114ff02d9a
, with a “portal-db” database connection
user auth0|5cad280a74e02a114ff02d9a
, with an “impersonation” database connection
We don’t know how this happened, and we are ready to investigate, but first we need to resolve this somehow. It’s causing a lot of problems, including over a 100 users unable to access content our portal. Let me explain:
Because the IDs are supposed to be unique, all calls to all APIs (we’re mostly using Management API) target only one of the users. But if the user signs in as the other user with the same ID, we are unable to change their app_metadata
, on which our latest feature relies. This also extends beyond the APIs. If we use Auth0’s Dashboard to try and update our users’s app_metadata
, or anything else including e-mail verification status, the user’s name, or their user_metadata
, it always gets saved only on one of the users. I presume it’s because they share IDs.
Desired outcome:
EITHER Impersonation
users are linked to their non-impersonation same-ID counterparts
OR Impersonation
users are deleted while their same-ID counterparts stay
Attempted solutions:
Deleting one of the users in Auth0 dashboard
outcome: Both users sharing the ID are deleted
Linking the two user account using Management API (/api/v2/users/PRIMARY_ID/identities
)
outcome: 400 Bad Request “Main Identity and the new one are the same.”
Changing e-mail on one of the users
outcome: does not change auth0 ID and thus all Management API calls still target the newer Impersonation user
EDIT: Here’s a (modified) screenshot from our Auth0 Dashboard. It shows two users coming up in a search for user id auth0|5cad280a74e02a114ff02d9a
We opened a Support ticket #00466816 7 days ago. The issue has not yet been resolved and we haven’t heard back from anyone in that ticked since Thursday. We are anxious to get this resolved, because our customers are getting impatient and aggravated.