I’m the author of Casbin (GitHub - casbin/casbin: An authorization library that supports access control models like ACL, RBAC, ABAC in Golang). And I’m writing a role manager implementation for Auth0 here: GitHub - casbin/auth0-role-manager: Auth0 role manager for Casbin.
I want to retrieve all the users and all the groups from the Auth0 tenant via the non-interactive client. So I need to access both the Management API and the Authorization Extension API. The audience for Management API is something like: https://xxx.auth0.com/api/v2/. The audience for Authorization Extension API is something like: urn:auth0-authz-api. How to use these two audience in one client?
BTW, My code is in Golang. And I’m using this library: GitHub - zenoss/go-auth0: A Go client to Auth0 APIs as the SDK for Auth0 APIs. The related code is as follows:
func (s *AuthzTestSuite) SetupSuite() {
cfg := auth0.Config{
ClientID: os.Getenv("AUTH0_CLIENT_ID"),
ClientSecret: os.Getenv("AUTH0_CLIENT_SECRET"),
Tenant: os.Getenv("AUTH0_TENANT"),
AuthorizationURL: os.Getenv("AUTH0_AUTHORIZATION_URL"),
}
client, err := cfg.ClientFromCredentials(os.Getenv("AUTH0_AUTHORIZATION_API"))
assert.Nil(s.T(), err)
s.Client = client
}