Use the Management API from within Rules

From within any Auth0 Rule you write, you can update a user's app_metadata or user_metadata using the auth0 object, which is a specially-restricted instance of ManagementClient (defined in the node-auth0 Node.js client library) and provides limited access to the Auth0 Management API. To learn more, read Rules Execution Best Practice.

To access additional Management API endpoints from inside Rules, you have to use another version of the library.

The Access Token for the Management API, which is available through auth0.accessToken, is limited to the read:users and update:users scopes. If you require a broader range of scopes, you can request a token using the Client Credentials Flow. See Get Management API Access Tokens for Production.

Access a newer version of the library

You can load a newer version of the Auth0 Node.js client library by requiring the specific version of the library. For up-to-date version information, check the Auth0 Node repository in Github.

In this example, we load version 2.9.1 of the library, then query the list of users and logs the users to the console (to be inspected with the Real-time Webtask Logs Extension).

Searching for users from inside Rules may affect the performance of your logins; we advise against it.

function (user, context, callback) {
  var ManagementClient = require('auth0@2.9.1').ManagementClient;
  var management = new ManagementClient({
    token: auth0.accessToken,
    domain: auth0.domain

  management.getUsers(function (err, users) {
    callback(null, user, context);

For a filtered list of available libraries that can be set as required, check the available library versions.