Skip to main content
Version: 13.x (Current)


All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[1.5.1] 2024-03-27


  • The generated ID for the users in the bulk import follows the Auth0 standard of 24 only alphabetic characters.

[1.5.0] 2024-03-18


  • Fix 500 error for nested fields in request body of PATCH /users/:id endpoint
  • Add PATCH /users/import endpoint
  • Update errors and failures interface for endpoints POST /jobs/auth0-users-import and GET /jobs/auth0-users-import/:id
  • Implement handlers logic for POST /jobs/auth0-users-import and GET /jobs/auth0-users-import/:id
  • Add ums job logic implementation for bulk import of users in Auth0
  • Add interface for endpoints POST /jobs/auth0-users-import and GET /jobs/auth0-users-import/:id
  • Add load/stress test suite
  • Add rescheduling logic for UMS jobs that to poll Auth0 for users bulk import
  • Add job scheduler concurrency tests
  • Add logic to update job status with job scheduler
  • Remove sensitive data from auth import error feedback
  • Add documentation for GET /jobs/change-password/bulk/:id and POST /jobs/change-password/bulk endpoints. Update endpoints of jobs name to GET /jobs/bulk-activation/:id and POST /jobs/bulk-activation
  • Update PATCH /users/import response with inserted and updated users ids
  • Add documentation for complete flow of users bulk operations: import, activation and change password
  • Add implementation of POST /jobs/change-password/bulk endpoint
  • Add stress tests for POST /jobs/change-password/bulk endpoint
  • Add implementation of GET /jobs/change-password/bulk/:id endpoint
  • Update response of GET /jobs/change-password/bulk/:id with successful users ids
  • Add the upsert query parameter to POST /jobs/bulk-activation


  • Fix CSV bulk import with array fields
  • Fix CSV bulk import performance issues due to too many unnecessary requests to Crud
  • Fix bulk activation of users filtering out already active users
  • Fix error in documentation of POST /users/state
  • Fix error in documentation of POST /oauth/token
  • Improve PATCH /users/import response with array of ivalid rows


  • Rename endpoints POST /jobs/auth0-users-import and GET /jobs/auth0-users-import/:id to POST /jobs/users/bulk-activation and GET /jobs/users/bulk-activation/:id respectively, and remove patch feedback from users bulk activation

[1.4.3] 2023-10-10


  • Node.js updated to v18 LTS


  • Fix getAllUsers from auth0client when acl_rows is in headers

[1.4.2] 2023-10-02


  • GET /users/ resolves additional properties from auth0 when a configuration file is given


  • Fix documentation links

[1.4.1] 2023-05-12


  • Add TIMER_SERVICE_HEADERS env var to proxy headers to Timer Service


  • Fix createUser return when an error occurs

[1.4.0] 2023-04-17


  • Add POST /users/:id/soft-delete to soft delete users


  • Update POST /users/ to set an expiration date for a user
  • Update DELETE /users/:id to delete a user with expiration
  • Update PATCH /users/:id to update a user with expiration
  • Update POST /users/with-id to set an expiration date for a user

[1.3.2] 2023-02-15


  • Fix error in PATCH /users/:id when the body does not contain $set

[1.3.1] 2023-01-11


  • Fix body in 204 responses (return null instead of an empty object)

[1.3.0] 2023-01-03


  • Fix log error registation of auth user already registered on Auth Provider


  • Add boolean postponeAuthUserCreation query parameter in the POST /users/ endpoint with a false default value. When postponeAuthUserCreation=true, the user is created only in the users' CRUD collection.
  • Add POST /users/register endpoint that save the user only in the Auth Provider.

[1.2.2] 2022-12-15


  • Fix users patch when email is missing in the users' USERS_CRUD_ENDPOINT CRUD

[1.2.1] 2022-11-18


  • Update CRUD client GET and POST to match CRUD's endpoint paths

[1.2.0] 2022-11-02


  • User's permissions retrieval in GET /userinfo

[1.1.0] 2022-08-29


  • Created Rönd Client
  • Binding creation when the user is created
  • Binding update when the user roles are updated

[1.0.3] 2022-06-28

  • Updated custom-plugin-library to version 5.0.0. This updating fixes bugs related to client-type and client-key headers.
  • When creating a new user with POST /users/with-id, a check is performed in order to ensure that the authUserId does not already exist in the users collection.

[1.0.2] 2022-06-08


  • userGroups and email are no longer required for GET /users

[1.0.1] 2022-06-06


  • It's not possible to modify or unset the authUserId in patchById
  • It's not possible to patch an user with an non-existing userGroup. The user schema is now validated against the new user group (if set)

[1.0.0] 2022-05-03


  • Documentation added


  • Repository transfer
  • New test structure
  • Error messages improved
  • Ensure backward compatibility
  • Env var used for userinfo properties instead of configuration


  • This version contains changes to the error objects. This new format can be breaking if your microservices are explicitly using the old error objects content.
  • This version requires at least v4.3.0 of crud service since we are using the query parameter _rawp in the user manager service (see here for further information).
  • The userinfo additional properties are now handled via the USERINFO_ADDITIONAL_PROPERTIES environment variable. Additional properties via configuration file are no longer available.

[0.7.4] 2022-04-14


  • Create users only in crud

[0.7.3] 2022-04-06


  • Patched login endpoint, now cookie auth is supported

[0.7.2] 2022-03-09


  • POST /user route for user creation doesn't forcibly require username field anymore, if necessary it should be configured in the relative userGroup configuration crudSchema

[0.7.1] 2022-03-03


  • Fixed auth0 DB name as env var instead of hardcoded

[0.7.0] 2021-12-30


  • Added /oauth/token endpoint for authentication
  • Added /refreshtoken endpoint for authentication token refresh


  • Body validation when patching a user

[0.6.1] 2021-11-10


  • Hardcoded client-type removed

[0.6.0] 2021-10-21

  • POST /user/with-id endpoint added
  • /userinfo endpoint added

[0.5.2] 2021-10-13

  • Username ambiguities (username used for auth0 nickname and name)

[0.5.1] 2021-09-08


  • User creation inversion (creation in CRUD before Auth Client)
  • Reaching total test coverage on change state function

[0.5.0] 2021-09-03