Auth0 Home Blog Docs

Automate Management API Tokens: POST Objective-C not receiving token in response

management-api
oauth
ios
objective-c

#1

In Advanced Rest Client, I can get a response that contains the management authorization token. But, when I do this in Objective-C code following this documentation: https://auth0.com/docs/api/management/v2/tokens#automate-the-process

It doesn’t return the data.

The only headers I get are the following in the response:

Headers: {
“Cache-Control” = “no-cache”;
“Content-Type” = “application/json”;
Date = “Mon, 03 Jul 2017 04:23:02 GMT”;
Pragma = “no-cache”;
“Strict-Transport-Security” = “max-age=15724800”;
“x-auth0-requestid” = 783511679899232996fc;
“x-ratelimit-limit” = 1000000;
“x-ratelimit-remaining” = 999999;
“x-ratelimit-reset” = 1499055783;
“x-robots-tag” = “noindex, nofollow, nosnippet, noarchive”;
}

And the status code is 200.
Any ideas?


#2

Okay, so I figured this out.
The documentation on this page: https://auth0.com/docs/api/management/v2/tokens#automate-the-process needs to be updated.

For objective-c, this data is returned in the NSData *data object and needs to be converted to an NSDictionary to get the results. It is NOT in the response object that is returned.

You can convert it like this:

NSDictionary* json = [NSJSONSerialization JSONObjectWithData:data
                                                                                                             options:kNilOptions
                                                                                                               error:&error];

#3

OK, I have another issue now.
After I am able to get the token and I try to update the metadata, it says:

error = Forbidden;
errorCode = “unowned_resource”;
message = “User to be acted on does not match subject in bearer token.”;
statusCode = 403;

I honestly at this point do NOT understand what is going on.

If I take the token that is in the API Explorer tab, that works and it updates fine. But, when I retrieve a token automatically – the token it gives me says that it is forbidden.


#4

@prashant Any ideas?? How exactly do I get the token? I am following the documentation from the link on this post.


#5