Accessing both User Management API and custom API for SPA using Auth0

0

I am building an SPA which has to access User Management API directly and also need to authorize a custom API.

The library I use was auth0-js.

According to the document, if I want to access the User Management API, I have to get the accessToken first by reaching the /authorize endpoint which provided by auth0.

Also I have to provide a specific string to audience parameter for that.

And if I want to authorize additional custom API, I have to reaching the /authorize endpoint again by providing a different set of params including audience to get a different access token.

Is there any easy way for me to enter /authorize endpoint one time and get an access token that can both used for User Management API and my custom API ? Thanks…

Hey there @arel.hello!

What you described is totally correct. There is no universal way to get an access token that can be used for all APIs. Simply because of security reasons.

Hope it helps some way!

Thank you for the reply, so if I want to access auth0 User Management API and both my Custom API (which is also the audience) from front-end, what kind of implementation will you suggest?

Call the /authorize endpoint for each audience and use the appropriate token for calling the responding API.

That is correct. Fell free to go the way @Mark suggested and let us know if you require further help!