Accessing the Management API Without Client Credentials Grant Type

I have a React app that uses a Node.js server. I am attempting to change a user’s username using the Management API. I know that Management API tokens requested by SPAs have certain limitations because they cannot sensitively store data and only certain scopes can be accessed. Therefore, it is my understanding that I must request a Management API token from the Node.js server in order to update a user’s username.

I enabled the Client Credentials Grant Type for my app in order to automatically obtain a Management API token using the ManagementClient. But the only way to enable the Client Credentials Grant Type was to change my app type from an SPA to a regular web app. After I made the change the login and logout functionality of my app stopped working. Is there a way to request an access token for the Management API from a Node.js server without enabling the Client Credentials grant type? I also attempted to access the /oauth/token endpoint to get a Management API token, but that also seems to require Client Credentials to be enabled.

I have been following the steps laid out in the this forum post, however, I do not understand how to get the Management API token if it is not generated automatically by the ManagementClient using the Client Credentials Grant Type.

Hi @chris30,

Welcome to the Community!

Instead of changing the app type of the SPA application, you will want to create a new machine-to-machine application for your Node.js API. The settings in the SPA application should stay the same.

Hello, thanks for the clear response. I did just need to create a new Machine-to-Machine application for my Node.js server and I was able to use the ManagementClient to automatically request an API token for the Management API.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.