Auth0 Is Not My Friend

Daily Standup

I’m using Auth0 to handle user accounts and authentication in project GFT. With the absolute basic setup, it’s been working great. However I keep some user data locally in the application, and getting the two to play nicely has been a headache today.

Can I Just Get The Username Please?

When a user logs in to the application, Auth0 sends a userProfile back to the app along with the security token, and the profile (with the implementation of passport-auth0) is added onto req.user. This means I can access Auth0’s basic user information from any route by calling req.user.user_id or, etc. I save some of this data to my local users table when the user logs in for the first time, so that it can be easily accessible within the app.

But unfortunately (and very strangely if you ask me!), Auth0 doesn’t send the user’s username in the content of the userProfile. Don’t ask me why. So I explored several options for accomplishing this. In the end, I decided to make do with a duct-tape-fix for now, in the interest of getting the app deployed. But I’ll need to go back to this for a more permanent fix, so here’s where I left off in researching the topic:

Is it possible to add the username to the userProfile that is already being sent to the app?

Can I use the Auth0 API to get and update a user’s username? Yes:

Is the Auth0 username guaranteed to be unique? Since I have a UNIQUE constraint on the username field in my local users table, is there a risk that my app will throw errors if users change their username with Auth0?

How will users even be able to update their details like username, photo, etc?

  • This widget can be implemented to let users update their info (metadata only though!)