There are two kinds of metadata in Auth0:
user_metadatastores user attributes (such as preferences) that do not impact users' core functionality. An authenticated user can modify this type of data.
app_metadatastores information (such as users' support plans, security roles, and access control groups) that can impact users' core functionality. For example, how an application functions or what the user can access. A user cannot modify this type of data.
For example, suppose the following metadata is stored for a use with the email address
To read metadata, simply access the correct property as you would from any JSON object. For example, if you were working with the above example metadata within a Rule or via a call to the Management API, you could reference specific items from the data set as follows:
There are a few different ways you can customize the user metadata:
Use Rules, which execute after a user has been authenticated, to augment the user profile during the authentication transaction, and optionally persist those changes back to Auth0.
GET/userinfo endpoint to get a user's
user-metadata, however you must first write a Rule to copy metadata properties to the ID Token.
You can use the Management API to create, retrieve, or update both the
After you have customized the user metadata, you can manage and store data related to each of your users that doesn't originate from identity providers in the Auth0 data store or your own custom database.
API endpoints, libraries, and best practices