The Auth0 User Profile is the set of attributes that contains specific information about a user. User Profile information may include the user's name, email address, contact information, and so on.
User Profile attributes can come from many places. Attributes may be returned by the authenticating service (such as Facebook), as well as via custom databases and web services. Auth0 refers to all attribute sources as Connections because Auth0 connects to them to authenticate the user.
Manage Users using the Management Dashboard
Use the Auth0 Management Dashboard ("Dashboard") to manage User Profiles.
Within the Dashboard, you can create, view, modify, or delete users. These options are available via the Users page.
Create a New User
To create a new user and their corresponding User Profile, click the Users page in the Dashboard. Click the +Create User button at the top right of the Users page. You will be prompted to enter the following information:
- Email: the user's email address. The maximum length is 64 chars for the user/local part and 256 chars for the domain part.
- Password: the user's password. There is no limit for max password length. For more information refer to Password Strength in Auth0 Database Connections.
- Repeat Password: retype the user's password to ensure that you entered the password correctly.
- Connection: the database connection to use to authenticate the user. The dropdown lists all the configured database connections in your tenant. The connection you use must be associated with a Client.
Fill in the required information and click Save to create the new user. For more information refer to: Creating Users via the Management Dashboard.
The Users page lists the users who are associated with your apps. To open a particular user, click the user profile picture or name in the "Name" column. The User Details page will open and display information for that user.
The User Details page has links for five tabs:
- Raw JSON
User Details: Details
The Details tab contains three sections that provide a high-level overview of the information in the user's profile:
- User Identity provides at-a-glance details about the user, including their email address, associated Connections, and access rights.
- Metadata displays the information available via the
user_metadataattributes. Click the "Edit" button in this section to edit the user's
user_metadataattributes. Note that all
app_metadataattributes are read-only.
- Identity Provider Attributes displays the information retrieved from the authentication provider. Note that Identity Provider Attributes are read-only.
User Details: Devices
The Devices tab lists the devices with which the user has requested authentication. Requesting authorization on a device links the device to the user's account.
Login details for the user are associated with the refresh token assigned to that device. To revoke the refresh token, click "Unlink" next to the device.
User Details: History
The History tab displays a log of the user's account activity for the past 2 days.
The logs include information about:
- Events that have occurred.
- When the events occurred.
- The apps associated with the events.
- The identity provider used for authentication.
- The originating IP addresses for the events.
- Where the events originated.
User Details: Locations
The Locations tab displays a map with pins indicating the user's location(s) when they logged in to the apps.
User Details: Raw JSON
The Raw JSON tab displays all of the information contained on the user's profile in JSON format so you can quickly view all of the available information about the user.
Impersonate a User
If you need to log in to your app as a user, see everything exactly as the user sees it, and do everything exactly as the user does it, you can do this using the Dashboard.
Navigate to the Users page in the Dashboard. Select the user you want to impersonate from the list. When the User Details page opens, click the "Sign in as User" button. Select the app you want to log into from the dropdown menu.
I can't see the button
Can't see the button? The following conditions are required for the button display:
- The applications registered in the tenant must have at least one callback URL listed.
- The applications must have the connections that the impersonated user belongs to turned on.
A popup will display the URL to use to impersonate the user. You can copy the URL into the clipboard (white button) or open the URL in a separate browser tab/window (blue button).
You can also use the Impersonation API to impersonate a user. The API generates a link that you can use once to log in as a specific user. To distinguish between real logins and impersonation logins, the profile of the impersonated user will contain additional
Please see User Impersonation for more information about impersonating a user.
Block and Unblock a User
To disable a user's access to your apps, you can block the user in the Dashboard.
To block a user, navigate to the Users page in the Dashboard. Click the name of the user you want to block. When the User Details page opens, click the "Actions" button. Select Block User from the dropdown menu.
If a blocked user tries to access an application, they will see the error message
user is blocked.
To unblock a user, navigate to the Users page in the Dashboard. Click the name of the user you want to unblock. When the User Details page opens, click the "Actions" button. Select Unblock User from the dropdown menu.
Delete a User
To permanently delete a user, navigate to the Users page in the Dashboard. Click the name of the user you want to delete. When the User Details page opens, click the "Actions" button. Select Delete User from the dropdown menu.
A popup will warn you that the action cannot be undone and prompt you to confirm that you want to delete the user. Click the "Yes, Delete It" button to confirm. This will permanently delete the user.
Manage Users using the Management API
Alternatively, you can retrieve, create, update or delete users using our Management API.
First, you have to generate an
access_token to call the Management API. For information on how to do that refer to The Auth0 Management APIv2 Token.
Instead of making the HTTP calls directly, and depending on the platform you use, you can use one of our SDKs. For a list of available SDKs, refer to the SDKs section of our Support Matrix.
User Access to Clients
Inside a single Auth0 tenant the users are shared between clients. The idea here is that the all the clients in a single tenant will usually belong to the same app.
For total separation you can create a new tenant. To do this click on tenant name on top right of the dashboard and select + Create Tenant . If you have multiple tenants, you can easily switch between them from the tenants menu.
If you need to restrict some users to certain clients you can use rules. Inside a rule, the
context.clientID variables are available to check which client the user is using for login. See this rule for an example.
You can also restrict users from clients by configuring a new connection and only giving access to a specific client. To enable client access for a connection go to the the Settings section for a connection and click on the Clients tab, here you can enable/disable any client.