403 Forbidden Creating User due to Scope create:users not found

Alright so I am using golang auth0 sdk to try to import users from my database by creating a management job.

I created an API and connected it to a machine to machine with permission scopes of create:users. I confirmed I am using the right clientId, secret and Domain

c := conf.GetConf()
auth0Env := c.Auth0
m, err := management.New(auth0Env.Machine.Domain, auth0Env.Machine.Client, auth0Env.Machine.Secret)
if err != nil {

Then I try the following:

jobManager := management.JobManager{
	Management: a.Auth0Management,
log.Logf("\n\nInterfaceExported: \n+%v", marshalExportedUserJobList)
job := management.Job{
	ExternalID: &ref,
	Users:      marshalExportedUserJobList,
err = jobManager.ImportUsers(&job)
if err != nil {
	log.Logf("\n\nExport Error:\n%+v\n\n", err)
	return err

And I get the following error:

403 Forbidden: Insufficient scope, expected any of: create:users

I’m not sure what I am doing wrong, any suggestions or directions for me to debug would be greatly appreciated.

Additional Information - I know my code works above at least is because I can retrieve the UserList from the same management client

userList, err := a.Auth0Management.User.List()
if err != nil {
	log.Logf("\nError retrieving auth0users:\n%+v\n", authDbUsers)
	return err

Hi @mdere thanks for reaching out to Auth0 Community, let’s get to the bottom of this.

Can you confirm your M2M application ‘Unbound Dev’ has the necessary permissions enabled? You can do so by clicking the “>” sign next to the ‘Authorized’ Toggle.

Once we confirm that we can look into other possible sources such as the import users job possibly causing the failure.


1 Like