401 Unauthorized

I have an app on react, and I’m trying to get a Management API token so I can make calls to get a user’s roles.

I’m following this tutorial, and I have added my Client Id and Client Secret for my Regular Web App.
However upon submitting, I receive 401 Unauthorized.

Should I be submitting the ClientId and Client Secret for my Regular Web App Application or the Backend API?

Happy to provide more information if necessary.

Good afternoon,

Could you provide the request and response you. are receiving with sensitive information redacted?

I’m guessing a set value might be incorrect.


Actually the curl request isn’t working either:

curl --request POST \
  --url 'https://redacted.auth0.com/oauth/token' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=client_credentials \
  --data 'client_id=redacted' \
  --data client_secret=redacted\
  --data 'audience=https://redacted.auth0.com/api/v2/'

I added the client_id of my Machine to Machine application and the client_secret of that application.

I have ensured that the Client Credentials grant type has also been checked.

However, the response I get is:

{"error":"access_denied","error_description":"Client is not authorized to access \"https://redacted.auth0.com/api/v2/\". You might probably want to create a \"client-grant\" associated to this API. See: https://auth0.com/docs/api/v2#!/Client_Grants/post_client_grants"}

Oh! I think I might have figured it out.

I had to go to my Machine to Machine application, toggle the Authorize switch for Auth0 Management API, and then it worked :slight_smile:

Celebrated too early. curl worked but nodeJS did not.

I am running the code in the backend

      grant_type: "client_credentials",
      client_id: "redacted",
      audience: "https://redacted.auth0.com/api/v2/",
      headers: {
        "content-type": "application/x-www-form-urlencoded",

Parts of request:

      { url: 'https://redacted.auth0.com/oauth/token',
        method: 'post',
        headers: [Object],


      { error: 'access_denied', error_description: 'Unauthorized' } },

Solved it!

I changed the content-type from application/x-www-form-urlencoded to application/json and that fixed the issue.

1 Like

Wooohoo! Perfect glad to hear that and thanks for sharing with the rest of community!

1 Like

Thank you. Very encouraged by the Auth0 devs and the community. :slight_smile:

1 Like

Here for ya! Always cheering up our developer community!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.