Use the Management API in Rules

Use the Management API in Rules

When you write Rules, you can use the auth0 object to update a user's app_metadata or user_metadata (for details on how to do this, see Metadata in Rules).

If you wish to access more Management API endpoints inside Rules, you have to use another version of the library.

Searching for users inside Rules may affect the performance of your logins, and we advise against it.

Access a newer version of the library

You can load a newer version of the Auth0 Node.js client library by requiring the specific version on the library (check the repository for up-to-date version information). The sample code below loads version 2.9.1 of the library, then queries the list of users and logs the users to the console (to be inspected with the Real-time Webtask Logs Extension):

function (user, context, callback) {
  var ManagementClient = require('auth0@2.9.1').ManagementClient;
  var management = new ManagementClient({
    token: auth0.accessToken,
    domain: auth0.domain

  management.getUsers(function (err, users) {
    callback(null, user, context);

For a filtered list of available libraries that can be set as required, check the available library versions.

The Access Token for the Management API, which is available through auth0.accessToken, is limited to the read:users and update:users scopes. If you require a broader range of scopes, you can Get Access Tokens for Production to request a token using the Client Credentials Grant.