401 - Bad Audience

I’m getting a bad audience response and I’m not sure why

Steps I took

  • I created an access_token
  • set the token for testing
  • tried https://{my_domain.}us.auth0.com/api/v2/users
  • recieved a 401


setting-token-for-testing

I have read:users, read:user_idp_tokens, read:users_app_metadata enabled

Hi @formula1,

Welcome to the Auth0 Community!

This issue occurs when you make a client credentials grant request to obtain a Management API access token, but the provided audience value does not match the identifier of the Management API.

In other words, the audience parameter should be set to https://YOUR_DOMAIN.REGION.auth0.com/api/v2/ in order to generate a valid JWT access token that can be used with the Management API.

For more information, I recommend reviewing our documentation on getting Management API access tokens for production at this link.

Please let us know if you have any additional questions.

Thanks,
Rueben

Why don’t the access tokens in the test work? Also, the audience for local client development works when the audience is http://localhost:8081.

Also in the test the configuration is

{
  "client_id":"krlVBet0lsm75UWfoO2MIfmgXkBaFujM",
  "client_secret": "",
  "audience":"http://localhost:8081",
  "grant_type":"client_credentials"
}

Just tried it with the url you sent me: Get Management API Access Tokens for Production

its giving me an access_denied error

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.