Where should I create ManagementClient instances...or should I just create users via client? (Node / React)

czbaker · July 25, 2021, 12:34pm

I’m working on my first real project using Auth0 as an identity management solution and have run into a bit of a question:

I see that when you use the NodeJS library (auth0) that you’re supposed to create an instance of auth0.ManagementClient and then use that to complete tasks via the Management API (such as manual creation of users, etc.)

That’s fine, but I also read that if you provide adequate credentials, that you can automatically generate a token to make requests with subject to expiration based on expires_in settings, etc.

Do I need to create a new instance of ManagementClient for each request or is it adequate to create one instance during server startup and export that to places that need it?

It seems to me (correct if wrong) that if I create one instance, then export…things will be fine up until I hit the expiration and then all of my ManagementClient-based reqeusts will fail due to an expired token?

I just wanted to ask here and make sure I was right in that thinking so I would know what the best practice was for creating instance(s) of ManagentClient before I got to writing user registration code for my new project (I am doing this using a custom form that I built using React for my frontend).

Alternatively: Should I even be doing it this way? I was under the impression that I would need to incorporate the Management API (via Express) to handle custom registrations, and that there wasn’t a way to do this in React itself…otherwise I wouldn’t even need to do this in Express?

I read a little bit about the Authentication REST API and maybe the best way to handle this is just using that API with axios on the client?

Thanks in advance for any advice/assistance.

I’m pretty new to Auth0 in general (it’s awesome so far!), and I can’t figure out which is the more optimal/preferred way to deal with these registration requests.

dan.woda · July 26, 2021, 5:12pm

Hi @czbaker,

We provide a signup endpoint. You should use this for custom signup.

You can make this request with a library like Axios, or you can use the Authentication provider in the auth0-node library. Here is the reference for doing that: https://auth0.github.io/node-auth0/module-auth.DatabaseAuthenticator.html#signUp

Also, here is the signup endpoint for reference:

https://auth0.com/docs/api/authentication#signup

Let me know if you have any questions!

Here are answers to some of you other questions, although you may not need to use this info anymore (note: you can use the management API, but the signup endpoint is probably preferred):

No, you don’t need to make a new instance every time you make a request. Using that same instance for multiple requests is okay.

There are two ways to authenticate your management client against your tenant. You can provide a token to the client, or you can provide the client credentials, and the client will automatically request a token and handle expiration. Here is the reference.

Providing the client id and secret (client credentials) will put the SDK in charge of requesting tokens and renewing when they expire.

czbaker · July 29, 2021, 11:10am

Oh, cool. I should have known that the client probably knew to handle token renewal when it expired so it would keep going.

I ended up going with using the signup endpoint via Axios on the client side.

Thank ya!

dan.woda · July 29, 2021, 3:15pm

Great! Glad that resolved it. Let me know if you have any more questions.

system · August 13, 2021, 3:16pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.