When I tried with the following URL.
https://.auth0.com/api/v2/users?per_page=50&page=0&include_totals=true&sort=email:1&include_fields=true&q=updated_at:[2019-06-30 TO 2019-07-02]
I got the following response.
403 Forbidden403 Forbidden
I think the approach you have shared is applicable with V3 but not with V2.
I found that the way you suggested is working fine when i check with Postman, but not with Curl call.