Calling management api with accessToken obtained via custom domain causes 401 error

Help
,
1

Hello

When I call the management api using the accessToken obtained using a custom domain, it returns a 401 error.
What should I do?

get accessToken

fetch(`https://${myCustomDomain}/oauth/token`, {
    method: 'POST',
    headers: {
      'content-type': 'application/x-www-form-urlencoded',
    },
    body: new URLSearchParams({
      grant_type: 'client_credentials',
      client_id: ${clientId},
      client_secret: ${clientSecret},
      audience: `https://${tenantName}.us.auth0.com/api/v2/`,
    }).toString(),
  })
    .then((res) => {
      return res.json();
    })
    .then((res) => {
      return res.access_token;
    });

call management api

fetch(`https://${tenantName}.us.auth0.com/api/v2/users/${user_id}/enrollments`, {
    method: 'GET',
    headers: {
      'Content-Type': 'application/json',
      Authorization: `Bearer ${Retrieved access_token}`,
    },
  }).then(async (res) => {
    if (!res.ok) {
      throw await res.json();
    }
    return res.json();
  });

error

{
  statusCode: 401,
  error: 'Unauthorized',
  message: 'Bad issuer: https://myCustomDomain/'
}
2

Hello @koheikameyama,

If you are calling the management API, you need to use your regular Auth0 domain instead of the custom domain. Would you be able to replace the fetch URL in your ‘get accessToken’ snippet to ${tenantName} and test it out?

Thanks!

1 Like