Auth0 Node Generate Access Token

cagataysayg · May 6, 2023, 12:31pm

Hello everyone,

I’m trying to generate access token to access Management Api with auth0(node).

When I’m generating my token through api explorer I can access to API. But when I’m generating manually it just not working.

My flow
→ Generate access_token calling https://${domain}/oauth/token
→ Create a new management client with the access_token
→ Get users by management client.

import { ManagementClient } from “auth0”;
import fse from “fs-extra”;
import dotenv from “dotenv”;
import axios from “axios”;
import qs from “qs”;
dotenv.config();

const tokenPath = ${__dirname}../../../.auth0;
const domain = process.env.AUTH0_DOMAIN || “”;
const clientId = process.env.AUTH0_CLIENT_ID;
const clientSecret = process.env.AUTH0_CLIENT_SECRET;
const managementClientId = process.env.AUTH0_MANAGEMENT_CLIENT_ID;
const managementClientSecret = process.env.AUTH0_MANAGEMENT_CLIENT_SECRET;

const createAuth0ManagementToken = async () => {
const body = qs.stringify({
grant_type: “client_credentials”,
client_id: managementClientId,
client_secret: managementClientSecret,
audience: https://${domain}/api/v2/,
});

const config = {
method: “post”,
url: https://${domain}/oauth/token,
headers: {
“content-type”: “application/x-www-form-urlencoded”,
},
data: body,
};

const { data } = await axios.request(config);
return data;
};

export const auth0Management = async () => {
let token = await fse.readJSON(${tokenPath}/token.json).catch(() => null);

if (!token) {
token = await createAuth0ManagementToken();

const dir = await fse.readdir(tokenPath).catch(() => null);
if (!dir) await fse.mkdir(tokenPath);

await fse.writeJSON(`${tokenPath}/token.json`, token);

}

const managementClient = new ManagementClient({
domain,
clientId,
clientSecret,
token: token.access_token,
});

console.log(await managementClient.getUsers());

return managementClient;
};

auth0Management();

phi1ipp · May 6, 2023, 4:33pm

Hm, why do you need to obtain the token manually? As long as you provide your client_id and client_secret SDK should do that for you, unless I’m not getting what you are trying to achieve.

This is how I did instantiated the client and called management API

const CLIENT_ID = 'client_id_of_the_app'
const CLIENT_SECRET = 'client_secret_of_the_app'
const AUTH0_DOMAIN = 'auth0_domain'; 
const AUTH0_BASE_URL = 'https://' + AUTH0_DOMAIN
const AUTH0_API_AUDIENCE = AUTH0_BASE_URL + '/api/v2/'

const auth0 = new ManagementClient({
    domain: AUTH0_DOMAIN,
    clientId:CLIENT_ID,
    clientSecret: CLIENT_SECRET,
    audience: AUTH0_API_AUDIENCE
});

...
app.post('/post', async (req, res) => {
    const { email, user_id, redirect_uri } = req.body;

    console.log('>> /post with ', inspect(req.body))

    const user = await auth0.users.get({ id: user_id })
    console.log('user: ' + inspect(user))

    await auth0.users.update({id: user_id}, {email}),

cagataysayg · May 7, 2023, 1:31pm

Thanks for the solution, my actual problem was using react sdk on front-end but its a single page application so I wasn’t able to use that application for management api. I created a machine to machine app and grant the credentials and it worked like a charm.

konrad.sopala · May 8, 2023, 11:20am

Teamwork makes the dream work!

system · May 22, 2023, 11:21am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.