Users with the same user_id are impossible to update correctly

When we get the users by emails, we noticed that we got some users with the same user_id returned.

For example myself:
when I http GET https://easymile-sitecc.eu.auth0.com/api/v2/users-by-email?email=my_email@ddress.com

I get a lot of responses with the same user_id

[
  {
    "email": "my_email@ddress.com",
    "identities": [
      {
        "connection": "my-connection-1",
        "provider": "google-oauth2",
        "user_id": "my-google-oauth2-id"
      }
    ],
    "user_id": "google-oauth2|my-google-oauth2-id"
  },
  {
    "email": "my_email@ddress.com",
    "identities": [
      {
        "connection": "my-completely-other-connection",
        "provider": "google-oauth2",
        "user_id": "my-google-oauth2-id"
      }
    ],
    "user_id": "google-oauth2|my-google-oauth2-id"
  }
]

In this little example, if I want to update the first, I can’t because when I perform an http GET on ‘https://easymile-sitecc.eu.auth0.com/api/v2/users/google-oauth2|my-google-oauth2-id’ I only get one result, and it’s not the same one when I do a PATCH (For updating app_metadata in my case)

What I want to do is be able to update a user for a particular connection, and that does not seem to be possible.

Am I missing something obvious here?
I tried to use the application (client_id/secret) associated to the connection I wanted to update but the same issue is here.

Regards,
Michaël Bitard

:wave: @michael.bitard If it’s the case where your databases return the same IDs for different connections, what we can do is prepend a connection identifier to the user_id in the custom DB script so that the Auth0 user_ids will stay unique. For example, if you prepend ‘staging’ or ‘prod’ to the user_id in the respective connections, the Auth0 user IDs will be for example auth0|staging|1234 and auth0|prod|1234 respectively.

In a social provider context, the two users in Auth0 could point to the same user in the IdP so both would have the same user ID, but are from two different connections. The two connections will be the reason they appear as two users, despite the same IDs, as the connections are different. Therefore, when we are searching and updating via the API we would need to filter by the connection name to get the exact user. I would recommend against creating multiple connections for a single identity provider though.

1 Like

Hello @kimcodes

The problem is with social providers (So I can’t use custom DB script right?).
The main issue is that I can’t update the correct user, because when I search for it, I get a user_id, but when I PATCH this user it’s another one with the same user_id who is patched (Technically It’s the same user, but belonging to a different connection).
From what I see the problem is with the users api, auth0 is based on unique user_id which are not unique, so we should have a way to identify a user in order to PATCH it.

@michael.bitard I apologize for the delay, I wanted to circle back and see if you were able to solve your issue with updated a user? Please let me know if you require assistance and I can look back into it.

I am having this issue as well. I cannot update the user’s app_metadata of a specific connection with PATCH, even though I added the correct connection to the body of the PATCH.

The ids of the two users are the same but the connections (social, google-oauth2) are different.

It appears the PATCH only updates the the app_metadata of the first user it finds, ignoring the connection provided in the body.

@shaunUp were you able to solve your issue?

I was not able to solve this issue.

Is anyone at Auth0 able to give us a solution about this issue ?
Thank you.