Auth0 Home Blog Docs

Bad audience when changing user_metadata


#1

I’m wondering if someone can clarify the correct workflow for changing an email or app_metadata property in a user’s auth0 account. I have jwt working between express and a react app for login. I’d like to use the auth0 api v2 to edit a user’s app_metadata. When I send a PATCH request off, I get a 401 bad audience error. This kind of makes sense to me because the audience of my jwt for authenticating between the client and my backend is likely different from what I need to communicate with the auth0 api.

This is basically what it looks like clientside, but I’ve also tried it on the server with the same result.

axios.defaults.headers.Authorization = `Bearer ${localStorage.getItem('access_token')}`;
axios
  .get('https://xxx.auth0.com/api/v2/users/58c6db003c9c2b7caff55ebc', { user_metadata: { firstName: 's', lastName: 'j' } })
  .then(response => console.log(response));

How exactly do I get an updated access_token that I can use to change an auth0 property? Is it easier to send off the command from the client, or can I just give my backend full access to change app_metadata and then just ensure that I do enforcement before sending the command off? What does the axios code look like for a server-side PATCH call?

Thanks!