Updating Auth0 User Profile Root Attributes

Additional Features
Apr 30, 2026
Overview

This article explains whether it is possible to edit user profile root attributes, such as given_name and family_name. It also clarifies the special considerations for the email attribute.

Applies To
  • User Profiles
  • Root Attributes
Solution

The user's connection type determines whether root attributes can be updated.

 

Auth0 as the identity provider (IdP)

When Auth0 is the IdP, root user attributes can be updated individually via the Update a user endpoint or via user import with upsert enabled. Auth0 is considered the IdP for the following connection types:

  • Database connections
  • Custom database connections with import mode enabled
  • Passwordless connections

 

Third-party IdPs

By default, root attributes of users sourced from third-party IdPs cannot be edited. This is because the external IdP is considered the source of truth for user data. That said, it is possible to enable editing by turning off the syncing of user profile attributes:

  1. Navigate to the Auth0 dashboard > Connections > <connection> > Provisioning.
  2. Turn off Sync user profile attributes at each login.

This ensures user attributes are updated from the IdP only on initial user profile creation. Once this is done, it will be possible to update root attributes for users with synced attributes using the same methods described in the "Auth0 as the identity provider (IdP)" section.

 

NOTE: This means any changes to the user profile on the IdP side will not be synced on subsequent logins.

 

A Special Note on the Email Attribute

While many root attributes can be made editable, the email attribute is a special case. The email is often used as the primary identifier to link a user's profile to the upstream identity provider. Because of this, in most scenarios the email attribute cannot be updated to prevent the IdP linkage from breaking. To change a user's email, the recommended practice is to create a new user profile with the new email address.

Updating Examples

Here are example requests to update root attributes, both individually and via bulk import.

 

Individual updates

Use the Update a user endpoint.  NOTE:  That email is not included in the updatable fields.

 
bash
curl -X PATCH --url https://<domain>/api/v2/users/<user id> \
 -H 'Content-Type: application/json' \
 -H 'Authorization: Bearer <access token>' \
 -d '{ "name": "New Name", "nickname": "New Nickname" }'

Bulk updates

Use the Create import users job endpoint. The email is used here to identify the user, but it will not be updated. The upsert flag will ensure that existing users are updated with the new name and nickname.

 
bash
curl -X POST --url https://<domain>/api/v2/jobs/users-imports \
 -H 'Content-Type: application/json' \
 -H 'Authorization: Bearer <access token>' \
 -d '{ 
  "users": [
    { 
      "email": "john.doe@example.com", 
      "name": "John Doe", 
      "nickname": "Johnny" 
    }, 
    // More users... 
  ], 
  "connection_id": "<connection id>", 
  "upsert": true 
}'



Recommended content

No recommended content found...
Need more help? Visit the Community
Visit the Auth0 Community