Auth0 · Arazzo Workflow

Auth0 Find User by Email and Assign Role

Version 1.0.0

Look up a user by email and, when found, assign tenant roles to that user.

1 workflow 1 source API 1 provider
View Spec View on GitHub AI AgentsAuthenticationAuthorizationFGAIdentity ManagementMCPOAuthOktaOpenID ConnectSAMLSecuritySCIMArazzoWorkflows

Provider

auth0

Workflows

find-user-assign-role
Resolve a user by email then grant roles when the user exists.
Searches users by email, and only when a match is found assigns the supplied role ids to the matched user.
2 steps inputs: email, roles outputs: matchedUserId
1
findUser
get_users-by-email
Search for a user by email address, returning at most the matching records.
2
assignRoles
post_user_roles
Assign the supplied role ids to the matched user.

Source API Descriptions

openapi
auth0ManagementApi https://raw.githubusercontent.com/api-evangelist/auth0/refs/heads/main/openapi/auth0-management-api-openapi.yml

Arazzo Workflow Specification

auth0-find-user-assign-role-workflow.yml Raw ↑ 
arazzo: 1.0.1
info:
  title: Auth0 Find User by Email and Assign Role
  summary: Look up a user by email and, when found, assign tenant roles to that user.
  description: >-
    A find-then-act access flow. The workflow searches for an existing user by
    email address and branches on the result: when a matching user is found it
    assigns the supplied tenant roles, and when no user matches it ends without
    making changes. Each step spells out its request inline so the flow can be
    read and executed without opening the underlying OpenAPI description.
  version: 1.0.0
sourceDescriptions:
- name: auth0ManagementApi
  url: ../openapi/auth0-management-api-openapi.yml
  type: openapi
workflows:
- workflowId: find-user-assign-role
  summary: Resolve a user by email then grant roles when the user exists.
  description: >-
    Searches users by email, and only when a match is found assigns the
    supplied role ids to the matched user.
  inputs:
    type: object
    required:
    - email
    - roles
    properties:
      email:
        type: string
        description: Email address to look the user up by (case-sensitive).
      roles:
        type: array
        description: List of existing role ids to assign when the user is found.
        items:
          type: string
  steps:
  - stepId: findUser
    description: >-
      Search for a user by email address, returning at most the matching
      records.
    operationId: get_users-by-email
    parameters:
    - name: email
      in: query
      value: $inputs.email
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      matchedUserId: $response.body#/0/user_id
    onSuccess:
    - name: userFound
      type: goto
      stepId: assignRoles
      criteria:
      - context: $response.body
        condition: $.length > 0
        type: jsonpath
    - name: userMissing
      type: end
      criteria:
      - context: $response.body
        condition: $.length == 0
        type: jsonpath
  - stepId: assignRoles
    description: >-
      Assign the supplied role ids to the matched user.
    operationId: post_user_roles
    parameters:
    - name: id
      in: path
      value: $steps.findUser.outputs.matchedUserId
    requestBody:
      contentType: application/json
      payload:
        roles: $inputs.roles
    successCriteria:
    - condition: $statusCode == 204
  outputs:
    matchedUserId: $steps.findUser.outputs.matchedUserId