Checking user profiles helps isolate the source of authentication and authorization issues in Auth0. Verify the user profile information at the source, inspect the HTTP Archive (HAR) file, and ensure the correct endpoints and scopes are used to resolve profile-related errors.

• Auth0
• User Profiles
• Troubleshooting

What checks are needed to verify user profiles for troubleshooting?

Perform the following checks to verify user profiles and troubleshoot issues.

• Verify that the user profile information is correct at the source (authorization server).
• Generate and check the HTTP Archive (HAR) file for an id_token.
  NOTE: Remove or obfuscate all sensitive data, including confidential user information, Personally Identifiable Information (PII), and application information, before sharing a HAR file. Review the Related References section for more information on sanitizing HTTP traces.
• Decode the id_token at JWT.io to verify it contains the correct information.
• Review any custom database scripts or rule logic.
• Verify the endpoint called. Use the /userinfo endpoint instead of the /tokeninfo endpoint if a custom domain is configured within Auth0.
• Ensure the /userinfo endpoint is called properly by passing an access token. Call this endpoint with the default Auth0 domain even if the tenant has a custom domain enabled.
• Verify that the correct scope is specified to obtain an Access Token.

NOTE: Review the Monitoring page for more details on each log event that can assist with troubleshooting.

Related References

• Sanitizing HTTP Traces
• How to Sanitize an HTTP Trace File Automatically
• How to Manually Redact Sensitive Information
• HAR File is Too Large to Upload to the Support Case
• User Profiles
• Normalized User Profiles
• User Profile Structure