The Auth0 User Profile is the set of attributes that contains specific information about a user. User Profile information may include the user's name, email address, contact information, and so on. Please see Structure of the User Profile for more information about the attributes available on the User Profile.
User Profile attributes can come from many places. Attributes may be returned by the authenticating service (such as Facebook), as well as via custom databases and web services. Auth0 refers to all attribute sources as Connections because Auth0 connects to them to authenticate the user.
For more information about User Profiles, please see User Profile: In-Depth Details.
Manage User Profiles in the Management Dashboard
Use the Auth0 Management Dashboard ("Dashboard") to manage User Profiles.
Within the Dashboard, you can create, view, modify, or delete users. These options are available via the Users page.
Create a New User
To create a new user and their corresponding User Profile, click the Users page in the Dashboard. Click the +Create User button at the top right of the Users page. You will be prompted to enter the following information:
- Email: the user's email address. The maximum length is 64 chars for the user/local part and 256 chars for the domain part.
- Password: the user's password. There is no limit for max password length. For more information refer to Password Strength in Auth0 Database Connections.
- Repeat Password: retype the user's password to ensure that you entered the password correctly.
- Connection: the database connection to use to authenticate the user. The dropdown lists all the configured database connections in your account. The connection you use must be associated with a Client.
Fill in the required information and click Save to create the new user. For more information refer to: Creating Users via the Management Dashboard.
The User Details page will show “pending” when a user is first created until they have logged in for the first time.
The Users page lists the users who are associated with your apps. To open a particular user, click the user profile picture or name in the "Name" column. The User Details page will open and display information for that user.
The User Details page has links for five tabs:
- Raw JSON
User Details: Details
The Details tab contains three sections that provide a high-level overview of the information in the user's profile:
- User Identity provides at-a-glance details about the user, including their email address, associated Connections, and access rights.
- Metadata displays the information available via the
user_metadataattributes. Click the "Edit" button in this section to edit the user's
user_metadataattributes. Note that all
app_metadataattributes are read-only.
- Identity Provider Attributes displays the information retrieved from the authentication provider. Note that Identity Provider Attributes are read-only.
User Details: Devices
The Devices tab lists the devices with which the user has requested authentication. Requesting authorization on a device links the device to the user's account.
Login details for the user are associated with the refresh token assigned to that device. To revoke the refresh token, click "Unlink" next to the device.
User Details: History
The History tab displays a log of the user's account activity for the past 2 days.
The logs include information about:
- Events that have occurred.
- When the events occurred.
- The apps associated with the events.
- The identity provider used for authentication.
- The originating IP addresses for the events.
- Where the events originated.
User Details: Locations
The Locations tab displays a map with pins indicating the user's location(s) when they logged in to the apps.
User Details: Raw JSON
The Raw JSON tab displays all of the information contained on the user's profile in JSON format so you can quickly view all of the available information about the user.
Impersonate a User
If you need to log in to your app as a user, see everything exactly as the user sees it, and do everything exactly as the user does it, you can do this using the Dashboard.
Navigate to the Users page in the Dashboard. Select the user you want to impersonate from the list. When the User Details page opens, click the "Sign in as User" button. Select the app you want to log into from the dropdown menu.
I can't see the button
Can't see the button? The following conditions are required for the button display:
- The applications registered in the account must have at least one callback URL listed.
- The applications must have the connections that the impersonated user belongs to turned on.
A popup will display the URL to use to impersonate the user. You can copy the URL into the clipboard (white button) or open the URL in a separate browser tab/window (blue button).
You can also use the Impersonation API to impersonate a user. The API generates a link that you can use once to log in as a specific user. To distinguish between real logins and impersonation logins, the profile of the impersonated user will contain additional
Please see User Impersonation for more information about impersonating a user.
Block and Unblock a User
To disable a user's access to your apps, you can block the user in the Dashboard.
To block a user, navigate to the Users page in the Dashboard. Click the name of the user you want to block. When the User Details page opens, click the "Actions" button. Select Block User from the dropdown menu.
If a blocked user tries to access an application, they will see the error message
user is blocked.
To unblock a user, navigate to the Users page in the Dashboard. Click the name of the user you want to unblock. When the User Details page opens, click the "Actions" button. Select Unblock User from the dropdown menu.
Delete a User
To permanently delete a user, navigate to the Users page in the Dashboard. Click the name of the user you want to delete. When the User Details page opens, click the "Actions" button. Select Delete User from the dropdown menu.
A popup will warn you that the action cannot be undone and prompt you to confirm that you want to delete the user. Click the "Yes, Delete It" button to confirm. This will permanently delete the user.
User Access to Clients
Inside a single tenant (Auth0 account) the users are shared between clients. The idea here is that the all the clients in a single tenant will usually belong to the same app.
For total separation you can create a new account. To do this click on tenant name on top right of the dashboard and select New Account . If you have multiple tenants, you can easily switch between them from the accounts menu.
If you need to restrict some users to certain clients you can use rules. Inside a rule, the
context.clientID variables are available to check which client the user is using for login. See this rule for an example.
You can also restrict users from clients by configuring a new connection and only giving access to a specific client. To enable client access for a connection go to the the Settings section for a connection and click on the Clients tab, here you can enable/disable any client.