Class: Auth0::Users::Client

Inherits:

Object

• Object
• Auth0::Users::Client

Defined in:

lib/auth0/users/client.rb

Instance Method Summary

• #authentication_methods ⇒ Auth0::AuthenticationMethods::Client
• #authenticators ⇒ Auth0::Authenticators::Client
• #connected_accounts ⇒ Auth0::ConnectedAccounts::Client
• #create(request_options: {}, **params) ⇒ Auth0::Types::CreateUserResponseContent

  Create a new user for a given database or passwordless connection.

• #delete(request_options: {}, **params) ⇒ untyped

  Delete a user by user ID.

• #effective_permissions ⇒ Auth0::EffectivePermissions::Client
• #effective_roles ⇒ Auth0::EffectiveRoles::Client
• #enrollments ⇒ Auth0::Enrollments::Client
• #federated_connections_tokensets ⇒ Auth0::FederatedConnectionsTokensets::Client
• #get(request_options: {}, **params) ⇒ Auth0::Types::GetUserResponseContent

  Retrieve user details.

• #groups ⇒ Auth0::Groups::Client
• #identities ⇒ Auth0::Identities::Client
• #initialize(client:) ⇒ void constructor
• #list(request_options: {}, **params) ⇒ Auth0::Types::ListUsersOffsetPaginatedResponseContent

  Retrieve details of users.

• #list_users_by_email(request_options: {}, **params) ⇒ Array[Auth0::Types::UserResponseSchema]

  Find users by email.

• #logs ⇒ Auth0::Logs::Client
• #multifactor ⇒ Auth0::Multifactor::Client
• #organizations ⇒ Auth0::Organizations::Client
• #permissions ⇒ Auth0::Permissions::Client
• #refresh_token ⇒ Auth0::RefreshToken::Client
• #regenerate_recovery_code(request_options: {}, **params) ⇒ Auth0::Types::RegenerateUsersRecoveryCodeResponseContent

  Remove an existing multi-factor authentication (MFA) recovery code and generate a new one.

• #revoke_access(request_options: {}, **params) ⇒ untyped

  Revokes selected resources related to a user (sessions, refresh tokens, ...).

• #risk_assessments ⇒ Auth0::RiskAssessments::Client
• #roles ⇒ Auth0::Roles::Client
• #sessions ⇒ Auth0::Sessions::Client
• #update(request_options: {}, **params) ⇒ Auth0::Types::UpdateUserResponseContent

  Update a user.

Constructor Details

#initialize(client:) ⇒ void

Parameters:

• client (Auth0::Internal::Http::RawClient)

# File 'lib/auth0/users/client.rb', line 9

def initialize(client:)
  @client = client
end

Instance Method Details

#authentication_methods ⇒ Auth0::AuthenticationMethods::Client

Returns:

• (Auth0::AuthenticationMethods::Client)

# File 'lib/auth0/users/client.rb', line 470

def authentication_methods
  @authentication_methods ||= Auth0::Users::AuthenticationMethods::Client.new(client: @client)
end

#authenticators ⇒ Auth0::Authenticators::Client

Returns:

• (Auth0::Authenticators::Client)

# File 'lib/auth0/users/client.rb', line 475

def authenticators
  @authenticators ||= Auth0::Users::Authenticators::Client.new(client: @client)
end

#connected_accounts ⇒ Auth0::ConnectedAccounts::Client

Returns:

• (Auth0::ConnectedAccounts::Client)

# File 'lib/auth0/users/client.rb', line 480

def connected_accounts
  @connected_accounts ||= Auth0::Users::ConnectedAccounts::Client.new(client: @client)
end

#create(request_options: {}, **params) ⇒ Auth0::Types::CreateUserResponseContent

Create a new user for a given database or passwordless connection.

Note: connection is required but other parameters such as email and password are dependent upon the type of connection.

Parameters:

• request_options (Hash) (defaults to: {})
• params (Auth0::Users::Types::CreateUserRequestContent)

Options Hash (request_options:):

• :base_url (String)
• :additional_headers (Hash{String => Object})
• :additional_query_parameters (Hash{String => Object})
• :additional_body_parameters (Hash{String => Object})
• :timeout_in_seconds (Integer)

Returns:

• (Auth0::Types::CreateUserResponseContent)

# File 'lib/auth0/users/client.rb', line 114

def create(request_options: {}, **params)
  params = Auth0::Internal::Types::Utils.normalize_keys(params)
  request = Auth0::Internal::JSON::Request.new(
    base_url: request_options[:base_url],
    method: "POST",
    path: "users",
    body: Auth0::Users::Types::CreateUserRequestContent.new(params).to_h,
    request_options: request_options
  )
  begin
    response = @client.send(request)
  rescue Net::HTTPRequestTimeout
    raise Auth0::Errors::TimeoutError
  end
  code = response.code.to_i
  if code.between?(200, 299)
    Auth0::Types::CreateUserResponseContent.load(response.body)
  else
    error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
    raise error_class.new(response.body, code: code)
  end
end

#delete(request_options: {}, **params) ⇒ untyped

Delete a user by user ID. This action cannot be undone. For Auth0 Dashboard instructions, see Delete Users.

Parameters:

• request_options (Hash) (defaults to: {})
• params (Hash)

Options Hash (request_options:):

• :base_url (String)
• :additional_headers (Hash{String => Object})
• :additional_query_parameters (Hash{String => Object})
• :additional_body_parameters (Hash{String => Object})
• :timeout_in_seconds (Integer)

Options Hash (**params):

• :id (String)

Returns:

• (untyped)

Raises:

• (error_class)

# File 'lib/auth0/users/client.rb', line 240

def delete(request_options: {}, **params)
  params = Auth0::Internal::Types::Utils.normalize_keys(params)
  request = Auth0::Internal::JSON::Request.new(
    base_url: request_options[:base_url],
    method: "DELETE",
    path: "users/#{URI.encode_uri_component(params[:id].to_s)}",
    request_options: request_options
  )
  begin
    response = @client.send(request)
  rescue Net::HTTPRequestTimeout
    raise Auth0::Errors::TimeoutError
  end
  code = response.code.to_i
  return if code.between?(200, 299)

  error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
  raise error_class.new(response.body, code: code)
end

#effective_permissions ⇒ Auth0::EffectivePermissions::Client

Returns:

• (Auth0::EffectivePermissions::Client)

# File 'lib/auth0/users/client.rb', line 485

def effective_permissions
  @effective_permissions ||= Auth0::Users::EffectivePermissions::Client.new(client: @client)
end

#effective_roles ⇒ Auth0::EffectiveRoles::Client

Returns:

• (Auth0::EffectiveRoles::Client)

# File 'lib/auth0/users/client.rb', line 490

def effective_roles
  @effective_roles ||= Auth0::Users::EffectiveRoles::Client.new(client: @client)
end

#enrollments ⇒ Auth0::Enrollments::Client

Returns:

• (Auth0::Enrollments::Client)

# File 'lib/auth0/users/client.rb', line 495

def enrollments
  @enrollments ||= Auth0::Users::Enrollments::Client.new(client: @client)
end

#federated_connections_tokensets ⇒ Auth0::FederatedConnectionsTokensets::Client

Returns:

• (Auth0::FederatedConnectionsTokensets::Client)

# File 'lib/auth0/users/client.rb', line 500

def federated_connections_tokensets
  @federated_connections_tokensets ||= Auth0::Users::FederatedConnectionsTokensets::Client.new(client: @client)
end

#get(request_options: {}, **params) ⇒ Auth0::Types::GetUserResponseContent

Retrieve user details. A list of fields to include or exclude may also be specified. For more information, see Retrieve Users with the Get Users Endpoint.

Parameters:

• request_options (Hash) (defaults to: {})
• params (Hash)

Options Hash (request_options:):

• :base_url (String)
• :additional_headers (Hash{String => Object})
• :additional_query_parameters (Hash{String => Object})
• :additional_body_parameters (Hash{String => Object})
• :timeout_in_seconds (Integer)

Options Hash (**params):

• :id (String)
• :fields (String, nil)
• :include_fields (Boolean, nil)

Returns:

• (Auth0::Types::GetUserResponseContent)

# File 'lib/auth0/users/client.rb', line 200

def get(request_options: {}, **params)
  params = Auth0::Internal::Types::Utils.normalize_keys(params)
  query_params = {}
  query_params["fields"] = params[:fields] if params.key?(:fields)
  query_params["include_fields"] = params[:include_fields] if params.key?(:include_fields)

  request = Auth0::Internal::JSON::Request.new(
    base_url: request_options[:base_url],
    method: "GET",
    path: "users/#{URI.encode_uri_component(params[:id].to_s)}",
    query: query_params,
    request_options: request_options
  )
  begin
    response = @client.send(request)
  rescue Net::HTTPRequestTimeout
    raise Auth0::Errors::TimeoutError
  end
  code = response.code.to_i
  if code.between?(200, 299)
    Auth0::Types::GetUserResponseContent.load(response.body)
  else
    error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
    raise error_class.new(response.body, code: code)
  end
end

#groups ⇒ Auth0::Groups::Client

Returns:

• (Auth0::Groups::Client)

# File 'lib/auth0/users/client.rb', line 505

def groups
  @groups ||= Auth0::Users::Groups::Client.new(client: @client)
end

#identities ⇒ Auth0::Identities::Client

Returns:

• (Auth0::Identities::Client)

# File 'lib/auth0/users/client.rb', line 510

def identities
  @identities ||= Auth0::Users::Identities::Client.new(client: @client)
end

#list(request_options: {}, **params) ⇒ Auth0::Types::ListUsersOffsetPaginatedResponseContent

Retrieve details of users. It is possible to:

• Specify a search criteria for users
• Sort the users to be returned
• Select the fields to be returned
• Specify the number of users to retrieve per page and the page index

The q query parameter can be used to get users that match the specified criteria using query string syntax.

Learn more about searching for users.

Read about best practices when working with the API endpoints for retrieving users.

Auth0 limits the number of users you can return. If you exceed this threshold, please redefine your search, use the export job, or the User Import / Export extension.

Parameters:

• request_options (Hash) (defaults to: {})
• params (Hash)

Options Hash (request_options:):

• :base_url (String)
• :additional_headers (Hash{String => Object})
• :additional_query_parameters (Hash{String => Object})
• :additional_body_parameters (Hash{String => Object})
• :timeout_in_seconds (Integer)

Options Hash (**params):

• :page (Integer, nil)
• :per_page (Integer, nil)
• :include_totals (Boolean, nil)
• :sort (String, nil)
• :connection (String, nil)
• :fields (String, nil)
• :include_fields (Boolean, nil)
• :q (String, nil)
• :search_engine (Auth0::Types::SearchEngineVersionsEnum, nil)
• :primary_order (Boolean, nil)

Returns:

• (Auth0::Types::ListUsersOffsetPaginatedResponseContent)

# File 'lib/auth0/users/client.rb', line 55

def list(request_options: {}, **params)
  params = Auth0::Internal::Types::Utils.normalize_keys(params)
  query_params = {}
  query_params["page"] = params.fetch(:page, 0)
  query_params["per_page"] = params.fetch(:per_page, 50)
  query_params["include_totals"] = params.fetch(:include_totals, true)
  query_params["sort"] = params[:sort] if params.key?(:sort)
  query_params["connection"] = params[:connection] if params.key?(:connection)
  query_params["fields"] = params[:fields] if params.key?(:fields)
  query_params["include_fields"] = params[:include_fields] if params.key?(:include_fields)
  query_params["q"] = params[:q] if params.key?(:q)
  query_params["search_engine"] = params[:search_engine] if params.key?(:search_engine)
  query_params["primary_order"] = params[:primary_order] if params.key?(:primary_order)

  Auth0::Internal::OffsetItemIterator.new(
    initial_page: query_params["page"],
    item_field: :users,
    has_next_field: nil,
    step: false
  ) do |next_page|
    query_params["page"] = next_page
    request = Auth0::Internal::JSON::Request.new(
      base_url: request_options[:base_url],
      method: "GET",
      path: "users",
      query: query_params,
      request_options: request_options
    )
    begin
      response = @client.send(request)
    rescue Net::HTTPRequestTimeout
      raise Auth0::Errors::TimeoutError
    end
    code = response.code.to_i
    if code.between?(200, 299)
      parsed_response = Auth0::Types::ListUsersOffsetPaginatedResponseContent.load(response.body)
      [parsed_response, response]
    else
      error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
      raise error_class.new(response.body, code: code)
    end
  end
end

#list_users_by_email(request_options: {}, **params) ⇒ Array[Auth0::Types::UserResponseSchema]

Find users by email. If Auth0 is the identity provider (idP), the email address associated with a user is saved in lower case, regardless of how you initially provided it.

For example, if you register a user as JohnSmith@example.com, Auth0 saves the user's email as johnsmith@example.com.

Therefore, when using this endpoint, make sure that you are searching for users via email addresses using the correct case.

Parameters:

• request_options (Hash) (defaults to: {})
• params (Hash)

Options Hash (request_options:):

• :base_url (String)
• :additional_headers (Hash{String => Object})
• :additional_query_parameters (Hash{String => Object})
• :additional_body_parameters (Hash{String => Object})
• :timeout_in_seconds (Integer)

Options Hash (**params):

• :fields (String, nil)
• :include_fields (Boolean, nil)
• :email (String)

Returns:

• (Array[Auth0::Types::UserResponseSchema])

Raises:

• (error_class)

# File 'lib/auth0/users/client.rb', line 158

def list_users_by_email(request_options: {}, **params)
  params = Auth0::Internal::Types::Utils.normalize_keys(params)
  query_params = {}
  query_params["fields"] = params[:fields] if params.key?(:fields)
  query_params["include_fields"] = params[:include_fields] if params.key?(:include_fields)
  query_params["email"] = params[:email] if params.key?(:email)

  request = Auth0::Internal::JSON::Request.new(
    base_url: request_options[:base_url],
    method: "GET",
    path: "users-by-email",
    query: query_params,
    request_options: request_options
  )
  begin
    response = @client.send(request)
  rescue Net::HTTPRequestTimeout
    raise Auth0::Errors::TimeoutError
  end
  code = response.code.to_i
  return if code.between?(200, 299)

  error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
  raise error_class.new(response.body, code: code)
end

#logs ⇒ Auth0::Logs::Client

Returns:

• (Auth0::Logs::Client)

# File 'lib/auth0/users/client.rb', line 515

def logs
  @logs ||= Auth0::Users::Logs::Client.new(client: @client)
end

#multifactor ⇒ Auth0::Multifactor::Client

Returns:

• (Auth0::Multifactor::Client)

# File 'lib/auth0/users/client.rb', line 520

def multifactor
  @multifactor ||= Auth0::Users::Multifactor::Client.new(client: @client)
end

#organizations ⇒ Auth0::Organizations::Client

Returns:

• (Auth0::Organizations::Client)

# File 'lib/auth0/users/client.rb', line 525

def organizations
  @organizations ||= Auth0::Users::Organizations::Client.new(client: @client)
end

#permissions ⇒ Auth0::Permissions::Client

Returns:

• (Auth0::Permissions::Client)

# File 'lib/auth0/users/client.rb', line 530

def permissions
  @permissions ||= Auth0::Users::Permissions::Client.new(client: @client)
end

#refresh_token ⇒ Auth0::RefreshToken::Client

Returns:

• (Auth0::RefreshToken::Client)

# File 'lib/auth0/users/client.rb', line 545

def refresh_token
  @refresh_token ||= Auth0::Users::RefreshToken::Client.new(client: @client)
end

#regenerate_recovery_code(request_options: {}, **params) ⇒ Auth0::Types::RegenerateUsersRecoveryCodeResponseContent

Remove an existing multi-factor authentication (MFA) recovery code and generate a new one. If a user cannot access the original device or account used for MFA enrollment, they can use a recovery code to authenticate.

Parameters:

• request_options (Hash) (defaults to: {})
• params (Hash)

Options Hash (request_options:):

• :base_url (String)
• :additional_headers (Hash{String => Object})
• :additional_query_parameters (Hash{String => Object})
• :additional_body_parameters (Hash{String => Object})
• :timeout_in_seconds (Integer)

Options Hash (**params):

• :id (String)

Returns:

• (Auth0::Types::RegenerateUsersRecoveryCodeResponseContent)

# File 'lib/auth0/users/client.rb', line 410

def regenerate_recovery_code(request_options: {}, **params)
  params = Auth0::Internal::Types::Utils.normalize_keys(params)
  request = Auth0::Internal::JSON::Request.new(
    base_url: request_options[:base_url],
    method: "POST",
    path: "users/#{URI.encode_uri_component(params[:id].to_s)}/recovery-code-regeneration",
    request_options: request_options
  )
  begin
    response = @client.send(request)
  rescue Net::HTTPRequestTimeout
    raise Auth0::Errors::TimeoutError
  end
  code = response.code.to_i
  if code.between?(200, 299)
    Auth0::Types::RegenerateUsersRecoveryCodeResponseContent.load(response.body)
  else
    error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
    raise error_class.new(response.body, code: code)
  end
end

#revoke_access(request_options: {}, **params) ⇒ untyped

Revokes selected resources related to a user (sessions, refresh tokens, ...).

Parameters:

• request_options (Hash) (defaults to: {})
• params (Auth0::Users::Types::RevokeUserAccessRequestContent)

Options Hash (request_options:):

• :base_url (String)
• :additional_headers (Hash{String => Object})
• :additional_query_parameters (Hash{String => Object})
• :additional_body_parameters (Hash{String => Object})
• :timeout_in_seconds (Integer)

Options Hash (**params):

• :id (String)

Returns:

• (untyped)

Raises:

• (error_class)

# File 'lib/auth0/users/client.rb', line 444

def revoke_access(request_options: {}, **params)
  params = Auth0::Internal::Types::Utils.normalize_keys(params)
  request_data = Auth0::Users::Types::RevokeUserAccessRequestContent.new(params).to_h
  non_body_param_names = %w[id]
  body = request_data.except(*non_body_param_names)

  request = Auth0::Internal::JSON::Request.new(
    base_url: request_options[:base_url],
    method: "POST",
    path: "users/#{URI.encode_uri_component(params[:id].to_s)}/revoke-access",
    body: body,
    request_options: request_options
  )
  begin
    response = @client.send(request)
  rescue Net::HTTPRequestTimeout
    raise Auth0::Errors::TimeoutError
  end
  code = response.code.to_i
  return if code.between?(200, 299)

  error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
  raise error_class.new(response.body, code: code)
end

#risk_assessments ⇒ Auth0::RiskAssessments::Client

Returns:

• (Auth0::RiskAssessments::Client)

# File 'lib/auth0/users/client.rb', line 535

def risk_assessments
  @risk_assessments ||= Auth0::Users::RiskAssessments::Client.new(client: @client)
end

#roles ⇒ Auth0::Roles::Client

Returns:

• (Auth0::Roles::Client)

# File 'lib/auth0/users/client.rb', line 540

def roles
  @roles ||= Auth0::Users::Roles::Client.new(client: @client)
end

#sessions ⇒ Auth0::Sessions::Client

Returns:

• (Auth0::Sessions::Client)

# File 'lib/auth0/users/client.rb', line 550

def sessions
  @sessions ||= Auth0::Users::Sessions::Client.new(client: @client)
end

#update(request_options: {}, **params) ⇒ Auth0::Types::UpdateUserResponseContent

Update a user.

These are the attributes that can be updated at the root level:

• app_metadata
• blocked
• email
• email_verified
• family_name
• given_name
• name
• nickname
• password
• phone_number
• phone_verified
• picture
• username
• user_metadata
• verify_email

Some considerations:

• The properties of the new object will replace the old ones.
• The metadata fields are an exception to this rule (user_metadata and app_metadata). These properties are merged instead of being replaced but be careful, the merge only occurs on the first level.
• If you are updating email, email_verified, phone_number, phone_verified, username or password of a secondary identity, you need to specify the connection property too.
• If you are updating email or phone_number you can specify, optionally, the client_id property.
• Updating email_verified is not supported for enterprise and passwordless sms connections.
• Updating the blocked to false does not affect the user's blocked state from an excessive amount of incorrectly provided credentials. Use the "Unblock a user" endpoint from the "User Blocks" API to change the user's state.
• Supported attributes can be unset by supplying null as the value.

Updating a field (non-metadata property)

To mark the email address of a user as verified, the body to send should be:

{ "email_verified": true }

Updating a user metadata root property

Let's assume that our test user has the following user_metadata:

{ "user_metadata" : { "profileCode": 1479 } }

To add the field addresses the body to send should be:

{ "user_metadata" : { "addresses": {"work_address": "100 Industrial Way"} }}

The modified object ends up with the following user_metadata property:

{
  "user_metadata": {
    "profileCode": 1479,
    "addresses": { "work_address": "100 Industrial Way" }
  }
}

Updating an inner user metadata property

If there's existing user metadata to which we want to add "home_address": "742 Evergreen Terrace" (using the addresses property) we should send the whole addresses object. Since this is a first-level object, the object will be merged in, but its own properties will not be. The body to send should be:

{
  "user_metadata": {
    "addresses": {
      "work_address": "100 Industrial Way",
      "home_address": "742 Evergreen Terrace"
    }
  }
}

The modified object ends up with the following user_metadata property:

{
  "user_metadata": {
    "profileCode": 1479,
    "addresses": {
      "work_address": "100 Industrial Way",
      "home_address": "742 Evergreen Terrace"
    }
  }
}

Parameters:

• request_options (Hash) (defaults to: {})
• params (Auth0::Users::Types::UpdateUserRequestContent)

Options Hash (request_options:):

• :base_url (String)
• :additional_headers (Hash{String => Object})
• :additional_query_parameters (Hash{String => Object})
• :additional_body_parameters (Hash{String => Object})
• :timeout_in_seconds (Integer)

Options Hash (**params):

• :id (String)

Returns:

• (Auth0::Types::UpdateUserResponseContent)

# File 'lib/auth0/users/client.rb', line 368

def update(request_options: {}, **params)
  params = Auth0::Internal::Types::Utils.normalize_keys(params)
  request_data = Auth0::Users::Types::UpdateUserRequestContent.new(params).to_h
  non_body_param_names = %w[id]
  body = request_data.except(*non_body_param_names)

  request = Auth0::Internal::JSON::Request.new(
    base_url: request_options[:base_url],
    method: "PATCH",
    path: "users/#{URI.encode_uri_component(params[:id].to_s)}",
    body: body,
    request_options: request_options
  )
  begin
    response = @client.send(request)
  rescue Net::HTTPRequestTimeout
    raise Auth0::Errors::TimeoutError
  end
  code = response.code.to_i
  if code.between?(200, 299)
    Auth0::Types::UpdateUserResponseContent.load(response.body)
  else
    error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
    raise error_class.new(response.body, code: code)
  end
end