Glad to hear it is working for you!
An alternative approach would be to handle the calls to the Management API in your backend. You would register your API as a custom API and use its identifier as the audience in the SPA. You would then create a Machine-to-Machine application for your backend and authorize it to use the Management API. Your backend could use one of the Auth0 SDKs to validate the Access Token and return data from the Management API for the SPA. That way any Access Tokens for the Management API are not exposed on the frontend. (M2M tokens from Auth0 APIs such as the Management API do not count toward the M2M token limit outlined on the pricing page).