So unfortunately we had a mishap where new applications were created for each authentication of a certain path in our product. We ended up with 6000 applications.
Now we want to clean these out programmatically, because sitting in the UI doing this will take days, if not weeks.
However, I noticed that the Auth0 Management Api (which I assume should be used for this kind of procedures) does not have the client:read / client:write permissions so I am unable to even list the clients/applications, much less delete them.
If I add my own API it does not seem to have access to the management endpoints at all because the audience will not be included in the scoped access.
Thank you for posting your question. Can you verify if you’re requesting the correct permissions? I’ve just checked the Auth0 Management API permissions, and there are read:client and create:client permissions.
If you want to check the list of permissions from the Management API to do a certain operation, you can always check them in the Management API Docs here → Welcome to Auth0 Docs - Auth0 Docs
I assume you’ve already created a new M2M application with the intention of deleting the unused applications. Now, verify that this application has the required permissions with the Management API, and this should resolve the issue.
