I can update the user_metadata via the portal and read it via the Management API. However when I try to set it I get 403 as follows
Error: Remote resource https://alwaysinmind.eu.auth0.com/api/v2/users/google-oauth2|116955772184856092800 returned status code: 403:
{“statusCode”:403,“error”:“Forbidden”,“message”:“Insufficient scope, expected any of: update:users,update:users_app_metadata,update:current_user_metadata”,“errorCode”:“insufficient_scope”}
Indeed I cannot see these listed in the portal as scopes for the Managment API.
What do I need to set and where?
thanks
It appears I need to get the extra scopes when I request the Management API access_token but I cannot see how. The docs appear to indicate I should change the scopes in the non interactive client in the portal but there appears to be no way to access them
AAH - I found it - as subtle little down arrow in the “Non interactive clients” section of the Management API for the client in question.
Talk about obscure! The docs should be updated at the point they talk about required scopes Thanks
In order to call the Management API you need a Auth0 Management APIv2 Token, as you can see here: https://auth0.com/docs/api/management/v2/tokens
First, you’ll need to create and authorize an Non-Interactive client, then you’ll need to add the required scopes for the API calls you want to request. For example, the [Get all clients] (Auth0 Management API v2) endpoint requires the scopes read:clients
and read:client_keys
, while the Create a client endpoint requires the scope create:clients
.
To add the scopes the Non-Interactive client, you need to open the APIs section of the dashboard, select the Auth0 Management API, select the tab Non Interactive Clients, enable the Authorized switch for your Non-Interactive client and then select the required scopes from the dropdown, to the right of the switch, as you can see in the image:
![alt text][1]
It appears I need to get the extra scopes when I request the Management API access_token but I cannot see how. The docs appear to indicate I should change the scopes in the non interactive client in the portal but there appears to be no way to access them
@stevealee Glad you found it. I’ll make a note with the documentation team to make it a bit more clear.
Thanks Ricardo - it was the last step I was unable to find. Reading user meta data was working fine and now so is writing
BTW of the scopes mentioned in that error message only the 1st oneactually seems to be available for the Admin API