List users added through Auth0 SSO

0

I am using Auth0 SSO to add users to AWS with a particular role. Even after the users are added I am not able to find the list of users that have been added through Auth0 anywhere. How can I get that?

1 Answer
0

Federation into AWS via IAM (using external SAML or OIDC identity providers, like Auth0) is a mechanism that allows users outside of AWS to access AWS resources through a defined identity provider and trusted IAM role without creating identities for those users inside an AWS account. Those Auth0 users may federate into AWS, but they never exist as separate entities within AWS to manage. The Auth0 side would contain the best information regarding which users are assigned access to the Auth0 application used for IAM federation in AWS. Since Auth0 is not AWS-provided, my insight into the specifics of its use is limited, but I believe that this is the section of their docs for AWS IAM federation that discusses mapping users to roles. Below you can find the general AWS doc on federating into AWS through external identity providers. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers.html

Historical information regarding the Auth0 users who have federated into AWS through this workflow would be available for viewing in CloudTrail logs, as it is a common configuration to pass the Auth0 username/email address as a RoleSessionName when federating into AWS. So, using a solution like Athena to query CloudTrail logs could help shine a light on the RoleSessionNames passed in AssumeRoleWithSAML (presuming SAML federation into AWS) logs in a given time frame and can be used to identify Auth0 user activity.


As a separate note, if Auth0 is configured as an external Identity Provider for IAM Identity Center (IAM IdC, formerly called AWS SSO), then external users are accounted for within the IAM IdC directory. Although both of these options can involve SAML federation into AWS, they're pretty different configurations. Docs on identity providers and managing identities within IAM IdC

AWS
SUPPORT ENGINEER
Myke_R
answered a year ago
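The CloudTrail approach described in the answer, as an added example that is not part of the answer or of any AWS tooling: a Python script that takes exported CloudTrail records (here a constructed sample, with hypothetical account, role and SAML-provider ARNs) and summarises AssumeRoleWithSAML events by RoleSessionName, the same grouping an Athena query over the CloudTrail table would produce.

```python
import json
from collections import defaultdict

# Constructed sample records mimicking the shape of CloudTrail entries for
# AssumeRoleWithSAML (hypothetical values; real account, role and session
# names come from your own CloudTrail export).
SAMPLE_CLOUDTRAIL = json.dumps({"Records": [
    {"eventTime": "2024-03-01T08:15:02Z", "eventSource": "sts.amazonaws.com",
     "eventName": "AssumeRoleWithSAML",
     "requestParameters": {"roleSessionName": "alice@example.com",
                           "roleArn": "arn:aws:iam::123456789012:role/Auth0-Admin",
                           "principalArn": "arn:aws:iam::123456789012:saml-provider/Auth0"}},
    {"eventTime": "2024-03-02T09:00:41Z", "eventSource": "sts.amazonaws.com",
     "eventName": "AssumeRoleWithSAML",
     "requestParameters": {"roleSessionName": "bob@example.com",
                           "roleArn": "arn:aws:iam::123456789012:role/Auth0-ReadOnly",
                           "principalArn": "arn:aws:iam::123456789012:saml-provider/Auth0"}},
    {"eventTime": "2024-03-03T10:22:10Z", "eventSource": "sts.amazonaws.com",
     "eventName": "AssumeRoleWithSAML",
     "requestParameters": {"roleSessionName": "alice@example.com",
                           "roleArn": "arn:aws:iam::123456789012:role/Auth0-Admin",
                           "principalArn": "arn:aws:iam::123456789012:saml-provider/Auth0"}},
    # A console login by a native IAM user: a different event, must be ignored.
    {"eventTime": "2024-03-03T11:00:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "requestParameters": None},
]})


def federated_sessions(cloudtrail_json, saml_provider_arn=None):
    """Summarise AssumeRoleWithSAML events by RoleSessionName.
    Returns {name: {"roles": set, "count": int, "first": str, "last": str}};
    with saml_provider_arn set, only events issued through that IdP count."""
    summary = defaultdict(lambda: {"roles": set(), "count": 0, "first": None, "last": None})
    for rec in json.loads(cloudtrail_json)["Records"]:
        if rec.get("eventName") != "AssumeRoleWithSAML":
            continue
        params = rec.get("requestParameters") or {}
        if saml_provider_arn and params.get("principalArn") != saml_provider_arn:
            continue
        # RoleSessionName is whatever the IdP placed in the assertion: treat it
        # as a label chosen by the IdP configuration, not a verified identity.
        name = params.get("roleSessionName", "<missing>")
        entry = summary[name]
        entry["roles"].add(params.get("roleArn"))
        entry["count"] += 1
        when = rec["eventTime"]  # ISO-8601 UTC, so string comparison orders correctly
        entry["first"] = min(entry["first"] or when, when)
        entry["last"] = max(entry["last"] or when, when)
    return dict(summary)
```

Records that also carry an errorCode field are failed assumption attempts and are worth reviewing separately from the successful sessions counted here.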
