This document covers user-facing operations available through the Authentication API, including user signup, password management, and user information retrieval. These operations are accessible through the AuthenticationApiClient class src/Auth0.AuthenticationApi/AuthenticationApiClient.cs23 and are primarily used during user-facing authentication flows.
For administrative user management operations (CRUD, metadata management, sessions, etc.), see User Management. For authentication flows that acquire tokens, see Token Acquisition Flows. For multi-factor authentication operations, see Multi-Factor Authentication.
The Authentication API provides primary user-facing operations through dedicated endpoints on the Auth0 Authentication API. These operations do not require administrative privileges and are designed for use in user-facing application flows.
This diagram illustrates how the AuthenticationApiClient methods map to specific Auth0 Authentication API endpoints.
Sources: src/Auth0.AuthenticationApi/AuthenticationApiClient.cs81-90 src/Auth0.AuthenticationApi/AuthenticationApiClient.cs119-124 src/Auth0.AuthenticationApi/IAuthenticationApiClient.cs31-51 tests/Auth0.AuthenticationApi.IntegrationTests/DatabaseConnectionTests.cs80 tests/Auth0.AuthenticationApi.IntegrationTests/PasswordlessTests.cs43
The SignupUserAsync method creates a new user account in a database connection. This operation is performed against the /dbconnections/signup endpoint and returns basic user information upon successful creation tests/Auth0.AuthenticationApi.IntegrationTests/DatabaseConnectionTests.cs80
The SignupUserRequest inherits from UserMaintenanceRequestBase, which provides common fields shared with password change operations.
| Class | Namespace | Purpose |
|---|---|---|
UserMaintenanceRequestBase | Auth0.AuthenticationApi.Models | Base class for user operations requiring client ID, connection, and email src/Auth0.AuthenticationApi/Models/UserMaintenanceRequestBase.cs8-10 |
SignupUserRequest | Auth0.AuthenticationApi.Models | Extends base with password and profile fields for user creation src/Auth0.AuthenticationApi/Models/SignupUserRequest.cs10-11 |
Sources: src/Auth0.AuthenticationApi/Models/UserMaintenanceRequestBase.cs8-27 src/Auth0.AuthenticationApi/Models/SignupUserRequest.cs10-65
GivenName, FamilyName, Name, Nickname, and Picture src/Auth0.AuthenticationApi/Models/SignupUserRequest.cs27-52UserMetadata property src/Auth0.AuthenticationApi/Models/SignupUserRequest.cs55-58PhoneNumber can be provided during signup src/Auth0.AuthenticationApi/Models/SignupUserRequest.cs61-64The SignupUserResponse class normalizes the user identifier across different connection types through JSON property aliasing. The Auth0 API may return _id, id, or user_id depending on whether the connection is standard or custom src/Auth0.AuthenticationApi/Models/SignupUserResponse.cs26-47
ID Normalization Logic:
The Id property returns the first non-null value from the internal fields _id, id, or user_id src/Auth0.AuthenticationApi/Models/SignupUserResponse.cs32-36
Sources: src/Auth0.AuthenticationApi/Models/SignupUserResponse.cs10-96 tests/Auth0.AuthenticationApi.IntegrationTests/DatabaseConnectionTests.cs139-153
The ChangePasswordAsync method initiates a password change flow by sending a password reset email to the user src/Auth0.AuthenticationApi/AuthenticationApiClient.cs81-90
Request Model - ChangePasswordRequest:
The ChangePasswordRequest class extends UserMaintenanceRequestBase and adds an optional Organization parameter for organization-scoped password resets src/Auth0.AuthenticationApi/Models/ChangePasswordRequest.cs8-14
Sources: src/Auth0.AuthenticationApi/AuthenticationApiClient.cs81-90 src/Auth0.AuthenticationApi/Models/ChangePasswordRequest.cs1-14 src/Auth0.AuthenticationApi/Models/UserMaintenanceRequestBase.cs1-27
The GetUserInfoAsync method retrieves user profile information based on a valid access token obtained during authentication src/Auth0.AuthenticationApi/AuthenticationApiClient.cs119-124 This endpoint conforms to the OpenID Connect UserInfo specification src/Auth0.AuthenticationApi/Models/UserInfo.cs12-16
The UserInfo class contains standard OIDC claims:
| Property | Type | JSON Field | Description |
|---|---|---|---|
UserId | string | sub | Subject-Identifier for the user src/Auth0.AuthenticationApi/Models/UserInfo.cs22-23 |
FullName | string | name | Full displayable name src/Auth0.AuthenticationApi/Models/UserInfo.cs29-30 |
FirstName | string | given_name | Given/First name src/Auth0.AuthenticationApi/Models/UserInfo.cs38-39 |
LastName | string | family_name | Surname/Last name src/Auth0.AuthenticationApi/Models/UserInfo.cs47-48 |
Email | string | email | Preferred e-mail address src/Auth0.AuthenticationApi/Models/UserInfo.cs113-114 |
EmailVerified | bool? | email_verified | Verification status src/Auth0.AuthenticationApi/Models/UserInfo.cs125-126 |
Locale | string | locale | BCP47 language tag src/Auth0.AuthenticationApi/Models/UserInfo.cs163-165 |
Sources: src/Auth0.AuthenticationApi/Models/UserInfo.cs17-194 tests/Auth0.AuthenticationApi.IntegrationTests/AccessTokenTests.cs117-120
The SDK supports starting Passwordless flows via Email or SMS.
The StartPasswordlessEmailFlowAsync method uses PasswordlessEmailRequest to send a link or code src/Auth0.AuthenticationApi/Models/PasswordlessEmailRequest.cs11-52
Link or Code via the PasswordlessEmailRequestType enum src/Auth0.AuthenticationApi/Models/PasswordlessEmailRequest.cs42-45scope, redirect_uri, etc., via AuthenticationParameters src/Auth0.AuthenticationApi/Models/PasswordlessEmailRequest.cs48-51ClientSecret or ClientAssertionSecurityKey for secure requests src/Auth0.AuthenticationApi/Models/PasswordlessEmailRequest.cs20-33The StartPasswordlessSmsFlowAsync method uses PasswordlessSmsRequest to send a code via SMS src/Auth0.AuthenticationApi/Models/PasswordlessSmsRequest.cs8-36
Sources: src/Auth0.AuthenticationApi/Models/PasswordlessEmailRequest.cs11-52 src/Auth0.AuthenticationApi/Models/PasswordlessSmsRequest.cs8-36 tests/Auth0.AuthenticationApi.IntegrationTests/PasswordlessTests.cs33-48
The GetImpersonationUrlAsync method generates a one-time link to log in as a specific user src/Auth0.AuthenticationApi/AuthenticationApiClient.cs94-116 This feature has been marked as deprecated and will be removed in a future release src/Auth0.AuthenticationApi/IAuthenticationApiClient.cs39-41
Sources: src/Auth0.AuthenticationApi/AuthenticationApiClient.cs94-116 src/Auth0.AuthenticationApi/IAuthenticationApiClient.cs39-41
Refresh this wiki