Update User Profiles Using Your Database

You can update user profiles when using your own database as an identity provider by:

Update users with the Management API

When using your own database for authentication, you can use the Management API to update the following fields:

  • app_metadata
  • user_metadata
  • blocked

If you need to update other user fields you will need to do it directly in your database.

Update users in your database

You can update user profiles in your database as you normally do, and Auth0 will update its cached user profile the next time that user logs in.

The user profile in the custom database can be implemented with any user profile structure, but you need to map it in the Login call to the Auth0 normalized user profile attributes as shown in the "Login" custom database template.

Access the custom database templates are accessed via Connections -> Database -> Custom Database. Be sure to turn on the "Use my own database" toggle to enable editing the scripts.

See the User profile cache section below for a brief overview of how Auth0 caches user profiles.

Update users through migration

If you have enabled user migration, and a user has already been migrated to the Auth0 database, then Auth0 will not query your database again for the user profile. And therefore all changes made in the custom database for that user will never reflect in Auth0.

Once a user has been migrated, you will also be able to update fields such as email and email_verified via the Management API. However, normal rules for updating other user fields will still apply as described in the Normalized User Profile (for example, you will still not be able to update fields such as nickname, picture and so on).

User profile cache

Auth0 caches the user profile received from a database connection before sending it to the client application. This cache is stored in the Auth0 database and is refreshed each time the user authenticates.

The cached values for the Normalized User Profile fields are based on the values returned from the Login Script of your custom database connection.

The User Profile is cached for several reasons. First, caching allows you the option of implementing Single Sign-On at the Auth0 layer to avoid going to the Connection for every request. Additionally, this provides resilience if a Connection is temporarily unavailable.

You can delete a user's cached profile with the Auth0 Dashboard or the Management API. See User Data Storage Best Practices for more information.

Keep reading