Auth0 Home Blog Docs

Can I use one non-interactive client to access both the Management API and Authorization Extension API?

client
management-api
authorization-extens
api-authorization

#1

I’m the author of Casbin (https://github.com/casbin/casbin). And I’m writing a role manager implementation for Auth0 here: https://github.com/casbin/auth0-role-manager.

I want to retrieve all the users and all the groups from the Auth0 tenant via the non-interactive client. So I need to access both the Management API and the Authorization Extension API. The audience for Management API is something like: https://xxx.auth0.com/api/v2/. The audience for Authorization Extension API is something like: urn:auth0-authz-api. How to use these two audience in one client?

BTW, My code is in Golang. And I’m using this library: github.com/zenoss/go-auth0 as the SDK for Auth0 APIs. The related code is as follows:

func (s *AuthzTestSuite) SetupSuite() {
	cfg := auth0.Config{
		ClientID:         os.Getenv("AUTH0_CLIENT_ID"),
		ClientSecret:     os.Getenv("AUTH0_CLIENT_SECRET"),
		Tenant:           os.Getenv("AUTH0_TENANT"),
		AuthorizationURL: os.Getenv("AUTH0_AUTHORIZATION_URL"),
	}
	client, err := cfg.ClientFromCredentials(os.Getenv("AUTH0_AUTHORIZATION_API"))
	assert.Nil(s.T(), err)
	s.Client = client
}

#2

I have the same question, and haven’t been able to find a definitive answer. From what I’ve read, it seems the common practice is to get a separate access token for each audience (management, auth extension). It would be nice to get a final answer though.

Were you able to find anything definitive by chance ?