Auth0 Python SDK

5.0.0 · active · verified Tue Mar 17

Official Auth0 SDK for Python. Current version is 5.0.0 (Feb 2026). Three separate API generations exist (v3, v4, v5) with incompatible import paths and response types. The 'auth0.v3' namespace was removed in v4. v5 rewrites the Management API responses from dicts to Pydantic models. Enormous tutorial and LLM corpus still references auth0.v3 imports.

Warnings

breaking 'from auth0.v3.management import Auth0' and 'from auth0.v3.authentication import ...' raise ModuleNotFoundError on auth0-python >= 4.0. The auth0.v3 namespace was fully removed in v4.
Fix: Replace 'from auth0.v3.management import Auth0' with 'from auth0.management import ManagementClient'. Replace 'from auth0.v3.authentication import ...' with 'from auth0.authentication import ...'.
breaking v5 Management API responses are Pydantic models, not dicts. user['email'] raises TypeError. user.get('email') returns None silently instead of the value.
Fix: Use attribute access: user.email. To convert to dict for legacy code: user.model_dump().
breaking Management API tokens expire after 24 hours. The v4 Auth0() class does not refresh tokens automatically. Long-running processes silently start returning 401s.
Fix: Use ManagementClient with client_id + client_secret (v5) for automatic token caching and refresh. Or re-acquire token on each run.
breaking v5 pagination changed. The v4 pattern of manual page= loops with include_totals=True returns a SyncPager in v5, not a dict. result['users'] raises TypeError.
Fix: Iterate directly: 'for user in client.users.list(): ...' — SyncPager handles pagination automatically.
gotcha Auth0 domain format must be bare domain only: 'your-tenant.auth0.com'. Do NOT prefix with 'https://'. Passing the full URL causes connection errors.
Fix: domain='your-tenant.auth0.com' not domain='https://your-tenant.auth0.com'
gotcha client_credentials audience must exactly match the API identifier in Auth0 dashboard. For the Management API it is 'https://{domain}/api/v2/' — note the trailing slash. Omitting it returns an invalid token.
Fix: audience=f'https://{domain}/api/v2/' # trailing slash required
gotcha AsyncManagementClient requires aiohttp which is not auto-installed by auth0-python. ImportError at runtime if missing.
Fix: pip install aiohttp alongside auth0-python when using async client.

Install

pip install auth0-python Python

Imports

ManagementClient
```
from auth0.management import ManagementClient
```
auth0.v3 namespace was removed in v4. 'from auth0.v3.*' raises ModuleNotFoundError on any version >= 4.0. This is the single most common error in LLM-generated auth0 code.
GetToken
```
from auth0.authentication import GetToken
```
Same v3 namespace removal. Authentication API import path is now auth0.authentication (no version segment).

Quickstart

Management API access using v5 ManagementClient with client credentials.

from auth0.authentication import GetToken
from auth0.management import ManagementClient

domain = 'your-tenant.auth0.com'

# Option A: ManagementClient with client credentials (auto token refresh)
client = ManagementClient(
    domain=domain,
    client_id='YOUR_CLIENT_ID',
    client_secret='YOUR_CLIENT_SECRET',
)

# v5: responses are Pydantic models, not dicts
user = client.users.get('auth0|123456')
print(user.email)  # attribute access, not user['email']

# Option B: manual token then client
token_client = GetToken(
    domain=domain,
    client_id='YOUR_CLIENT_ID',
    client_secret='YOUR_CLIENT_SECRET',
)
tokens = token_client.client_credentials(
    audience=f'https://{domain}/api/v2/'
)
client2 = ManagementClient(domain=domain, token=tokens['access_token'])

view raw JSON →