API Access tokens are the same for different tenants

The API Access Tokens in our different tenants (Whitecloud and Whitecloud-dev) have the same value. The application in each tenant is named “Auth0 Management API (Test Application)”. The token value appears to be valid for the Whitecloud-dev tenant where the API is accessible and usable with the existing Access Token. Connecting to the API in the Whitecloud tenant consistently errors with the Access Token.
Attached are code snippets which retrieve the Access Token from each tenant. If you execute each snippet independently and inspect the response object you can see the Access Token is the same. The Auth0 dashboard interface also displays the same token value in each tenant. We tried the creation of a NEW MACHINE TO MACHINE application in the Whitecloud tenant with a new name but it also had the same Access Token.

How can I get a MACHINE TO MACHINE application using the Auth0 API in the Whitecloud tenant that has a unique access token?

APIAccessTokenRetrievalSamples.txt (1.1 KB)

Hi @pgoldyRelias,

Welcome to the Community!

You are saying the tokens are identical? Can you post or DM me an example of the two tokens?

Hi Dan. Thanks for looking at this and the question. However we did gain resolution and it was classic pilot error. We were using the wrong ClientID and Secret to try and access the MACHINE TO MACHINE application and… the access tokens were NOT identical. They were close and that is not the same as equivalent. So a few simple errors on our part.

After these comments I am closing this topic since it’s all resolved. And if anyone else searches/finds this the lesson we learned was triple-check all the values you think are “right” and make sure equivalency is really that.

Thanks - PaulG

Thanks for the update!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.