This issue occurs when you make a client credentials grant request to obtain a Management API access token, but the provided audience value does not match the identifier of the Management API.
In other words, the audience parameter should be set to https://YOUR_DOMAIN.REGION.auth0.com/api/v2/ in order to generate a valid JWT access token that can be used with the Management API.
For more information, I recommend reviewing our documentation on getting Management API access tokens for production at this link.
Please let us know if you have any additional questions.