Hey Sidharth,
I’m sorry maybe my post was confusing. I already have the token. I’ve both generated via api call and copied it with the same result. Maybe I could clarify a little further. Here are my steps:
- copy the Auth0 Management API token, which seems to have all the permissions. in particular, i need this one
- open postman and try a put with the below and the token from step 1
https://<my-auth-domain>/api/v2/prompts/login/custom-text/en
{
"login": {
"footerLinkText": "",
"footerText": ""
}
}
- get a result of
{
"statusCode": 403,
"error": "Forbidden",
"message": "Insufficient scope, expected any of: update:prompts",
"errorCode": "insufficient_scope"
}
I am wondering why i get a 403. if i put the copied token into jwt.io i get the following scopes:
"read:client_grants create:client_grants delete:client_grants update:client_grants read:users update:users delete:users create:users read:users_app_metadata update:users_app_metadata delete:users_app_metadata create:users_app_metadata create:user_tickets read:clients update:clients delete:clients create:clients read:client_keys update:client_keys delete:client_keys create:client_keys read:connections update:connections delete:connections create:connections read:resource_servers update:resource_servers delete:resource_servers create:resource_servers read:device_credentials update:device_credentials delete:device_credentials create:device_credentials read:rules update:rules delete:rules create:rules read:rules_configs update:rules_configs delete:rules_configs read:email_provider update:email_provider delete:email_provider create:email_provider blacklist:tokens read:stats read:tenant_settings update:tenant_settings read:logs read:shields create:shields delete:shields read:anomaly_blocks delete:anomaly_blocks update:triggers read:triggers read:grants delete:grants read:guardian_factors update:guardian_factors read:guardian_enrollments delete:guardian_enrollments create:guardian_enrollment_tickets read:user_idp_tokens create:passwords_checking_job delete:passwords_checking_job read:custom_domains delete:custom_domains create:custom_domains read:email_templates create:email_templates update:email_templates read:mfa_policies update:mfa_policies read:roles create:roles delete:roles update:roles"
as you can see it is missing scopes. there are no prompts scopes. why? hope this gives some clarification.
Thanks,
Brandon