I’m using a custom API for user management. I can get an JWT for that API easily, but when I try to use it, I get the reply: "message": "Bad audience: <api audience/identifier>"
The endpoint I’m posting the data to is my usual endpoint (https://some-name.eu.auth0.com/api/v2/), my identifier/audience is: https://my.some-name.be/user-mgmt. The scopes of the api are set right (and that doesn’t seem to be the problem).
In case of calling Auth0 management API v2, you should use https://{tentant}.auth0.com/api/v2/ audience. A custom audience is not accepted for Auth0 management API v2.
Make sure client is allowed to include v2 API audience by visiting APIs > Auth0 Management API > Non Interactive Clients and Authorize your client (7xVERL0bjhY********VXeLW4fzyi) with selected scopes. Do this only after rotating your secret.
how to reset password for a user who forgot his password, for that access token is not available.
I have implemented password link email sent for forgot password, but i am unable to find any way to reset password without access token.
This is not what the docs are saying
" If you get an Access Token for the Management API using an authorization flow with your custom domain, you must call the Management API using the custom domain (your token will be considered invalid otherwise)."
also there is no way to change the management API audience , for example after you created a custom domain.
please provide a solution - cause i cannot have the real domain in my server configuration.
Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.
Wanted to reach out to know if you still require further assistance?