Working on Remix app that reuses Management API client defined like this (to update user / metadata):
import { ManagementClient } from 'auth0';
const management = new ManagementClient({
domain: getOrThrow("AUTH0_DOMAIN"),
clientId: getOrThrow("AUTH0_CLIENT_ID"),
clientSecret: getOrThrow("AUTH0_CLIENT_SECRET"),
});
...
return await management.users.update({ id: userId }, filteredUpdate);
It doesn’t work with message:
AuthApiError: Client is not authorized to access "https://MY_AUTH0_DOMAIN.au.auth0.com/api/v2/". You need to create a "client-grant" associated to this API. See: https://auth0.com/docs/api/v2#!/Client_Grants/post_client_grants
Ok, reading article and trying to create grants exactly as described in the documentation:
curl -L 'https://login.auth0.com/api/v2/client-grants' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d '{
"client_id":"MY_CLIENT_ID",
"audience":"https://MY_APP_DOMAIN.au.auth0.com/api/v2/",
"scope":["create:client_grants"]
}'
and it fails with error
{"statusCode":401,"error":"Unauthorized","message":"Missing authentication"}
It seems like either I missing something or documentation is incomplete, but I cannot get what to fix.
All the credentials are used on the server side and never leaking to the client.
Please assist!