Auth0 Home Blog Docs

Automate Management API Tokens



In the article here: it describes the general steps of automating the process of generating a new API token for the management API. But there’s no shown example which leads to a lot of questions.

(I have a Node API running on Heroku):

  • How will I automate this process? Do I get my backend to run a script (with the code provided in the link) at a 24-hour interval?
  • Do I keep the API Token stored as an environment variable? Heroku is said to restart on change of environment variables

A full example would make this a lot more clear.


You can keep the management api token in memory and check for it’s expiration before making call to Management API. Here is a simple example:

This demonstrates how this can be done in NodeJS. Similar concept can be applied to other language/frameworks. General idea is to keep the token in a in-memory cache with a timeout that matches the token expiration. If the token is not found then get a new one and add to the cache.