403 Forbidden Creating User due to Scope create:users not found

APIs Management API
,
#1

Alright so I am using golang auth0 sdk to try to import users from my database by creating a management job.

I created an API and connected it to a machine to machine with permission scopes of create:users. I confirmed I am using the right clientId, secret and Domain

c := conf.GetConf()
auth0Env := c.Auth0
m, err := management.New(auth0Env.Machine.Domain, auth0Env.Machine.Client, auth0Env.Machine.Secret)
if err != nil {
	log.Fatal(err)
}

Then I try the following:

jobManager := management.JobManager{
	Management: a.Auth0Management,
}
log.Logf("\n\nInterfaceExported: \n+%v", marshalExportedUserJobList)
job := management.Job{
	ExternalID: &ref,
	Users:      marshalExportedUserJobList,
}
err = jobManager.ImportUsers(&job)
if err != nil {
	log.Logf("\n\nExport Error:\n%+v\n\n", err)
	return err
}

And I get the following error:

403 Forbidden: Insufficient scope, expected any of: create:users

image
image1718×376 20.1 KB

image
image1738×824 79.1 KB

I’m not sure what I am doing wrong, any suggestions or directions for me to debug would be greatly appreciated.

#2

Additional Information - I know my code works above at least is because I can retrieve the UserList from the same management client

userList, err := a.Auth0Management.User.List()
if err != nil {
	log.Logf("\nError retrieving auth0users:\n%+v\n", authDbUsers)
	return err
}
#3

Hi @mdere thanks for reaching out to Auth0 Community, let’s get to the bottom of this.

Can you confirm your M2M application ‘Unbound Dev’ has the necessary permissions enabled? You can do so by clicking the “>” sign next to the ‘Authorized’ Toggle.

image (6)
image (6)1738×824 79.7 KB

Once we confirm that we can look into other possible sources such as the import users job possibly causing the failure.

Best,
Colin

1 Like