403 Forbidden Error when Configuring mTLS Authentication Flow


A 403 Forbidden Error is thrown when configuring mTLS with the Management API endpoint. After following the steps to configure mTLS, the error looks something like this:

    "statusCode": 403,
    "error": "Forbidden",
    "message": "Please upgrade your subscription to use mtls.",
    "errorCode": "feature_not_enabled"


As mTLS is a feature of the AISE (Advanced Identity Security Entitlement) SKU, it is not part of the Enterprise package but an extra addon. The HRI feature (containing JWE/JAR/PAR/RAR/mTLS etc) is currently in Early Access, and customers should reach out to Auth0 Support to enable this feature.