Customizing Your Emails

GDPR: Right to access, correct, and erase data

As per articles 15, 16, 17, and 19 of GDPR, users have the right to get a copy of their personal data you are processing, ask for rectifications if they are inaccurate, and ask you to delete their personal data.

With Auth0, you can access, edit, and delete user information:

The contents of this document are not intended to be legal advice, nor should they be considered a substitute for legal assistance. The final responsibility for understanding and complying with GDPR resides with you, though Auth0 will assist you in meeting GDPR requirements where possible.

Configuring email templates

Manual process

You can view, edit, and delete user information at Dashboard > Users. Drill down to a user to view their info. The information you can change are:

Field How to edit
Email Click Edit. Set the new email.
Email verified Click Edit at the Εmail field. Click the Set email as verified link.
Metadata Both the app_metadata and the user_metadata objects are editable from this screen. Edit the JSON at the Metadata section and save your changes.
Blocked Not directly editable. Click Actions > Block User at the top right of this screen. To unblock click Actions > Unblock User.
Email Not directly editable. Click Actions > Change Email at the top right of this screen.
Password Not directly editable. Click Actions > Change Password at the top right of this screen.

To delete a user, drill down and click Actions > Delete User.

Common variables

Programmatic process

You can also retrieve, edit, and delete user information using our API.

First, pick an endpoint that matches your needs:

In order to call any of the API's endpoints, you will need an valid Access Token. This token must have the required permissions per endpoint.

Each endpoint at the Management API explorer has a section Scopes that lists the scope(s) that the Access Token must contain in order to access it. For example, the Delete user endpoint requires the delete:users scope.

To learn more about these tokens and how you can generate one, see Access Tokens for the Management API.

Once you know which endpoint you want to access, and you have a valid Access Token, you are ready to send your request.

Configuring the From Address

Editable data

The following user information can be updated using the API:

  • blocked
  • email_verified
  • email
  • verify_email
  • password
  • phone_number
  • phone_verified
  • verify_password
  • user_metadata
  • app_metadata
  • username

For a list of all the user attributes, refer to the Structure of the User Profile.

The following user information are not editable:

  • given_name
  • family_name
  • name
  • nickname
  • picture

SPF Configuration

Searchable fields

You can search for users using the following:

What else do I have to do?

You are responsible for ensuring customer is erased or data is updated in any other databases that Auth0 is not connected to.