You are asking why Auth0 user lookups fail when the email address contains a plus sign, such as firstname.surname+1@gmail.com, when using the Management API users-by-email and users search endpoints. The key point is that the plus sign must be URL-encoded as %2B, and unencoded + is interpreted as a space in query strings.
Resolved:
Use the /api/v2/users-by-email endpoint with the full email address and URL-encode the plus sign as %2B, because Auth0 community guidance shows that unencoded + is treated as a space and causes the lookup to fail.
Call the endpoint in this format for your example email address: https://YOUR_DOMAIN.auth0.com/api/v2/users-by-email?email=firstname.surname%2B1@gmail.com
Avoid using an incomplete tenant domain such as https://.auth0.com, because the Management API request must target your actual Auth0 tenant domain in the format https://YOUR_DOMAIN.auth0.com.
Use the /api/v2/users search endpoint only if needed, and ensure the query string itself is encoded correctly when searching for an email containing +.
Verify that the request includes a valid Management API access token with the required scope, because a true 404 can also indicate that the request is being sent to the wrong domain or path rather than a search parsing issue.
Prefer the dedicated Search Users by Email endpoint for exact email lookups, because Auth0 provides that endpoint specifically for email-based retrieval.