Can't get machine token with correct permisson

I’m brand new to auth0. I’m using go. I have the authentication flow set up fine. What I want to do is collect the email and emailverified fields when they authenticate so I know that the email is valid in my system.

I used the api to get a machine token and user info by ID, but all the fields are blank in the response:

{Email: EmailVerified:false Username: PhoneNumber: PhoneVerified:false UserID: CreatedAt: UpdatedAt: Identities:[] AppMetadata:{} UserMetadata:{} Picture: Name: Nicknam
e: Multifactor:[] LastIP: LastLogin: LoginsCount:0 Blocked:false GivenName: FamilyName:}

If I do the same request with my dev/test token, I get everything back.

I feel like I’m missing some very obvious things. First, there is an entire go-auth0 repo, yet I’ve no clue how to use it based on reading the docs. I would think that if I had my machine token, I could use that library to make the simplest of requests vs doing my own http calls.

Regardless, here is my token code to get a token:

type Token struct {
	AccessToken string `json:"access_token"`
	ExpiresIn   int    `json:"expires_in"`
	Scope       string `json:"scope"`
	TokenType   string `json:"token_type"`
}

func GetToken() (Token, error) {
	url := urlRoot + "/oauth/token"

	ps := fmt.Sprintf(
		"grant_type=client_credentials&client_id=%s&client_secret=%s&audience=%s",
		os.Getenv("AUTH0_CLIENT_SECRET"),
		os.Getenv("AUTH0_CLIENT_ID"),
		os.Getenv("AUTH0_AUDIENCE"),
	)

	payload := strings.NewReader(ps)

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("content-type", "application/x-www-form-urlencoded")

	res, _ := http.DefaultClient.Do(req)
	token := Token{}

	defer res.Body.Close()
	err := json.NewDecoder(res.Body).Decode(&token)

	return token, err
}

And here is my UserInfo code:

func GetUserInfo(id string) (*UserInfo, error) {
	token, err := GetToken()
	if err != nil {
		return nil, err
	}

	url := urlRoot + "/api/v2/users/" + id

	req, _ := http.NewRequest("GET", url, nil)

	req.Header.Add("authorization", "Bearer "+token.AccessToken)

	res, _ := http.DefaultClient.Do(req)

	ui := &UserInfo{}

	defer res.Body.Close()
	err = json.NewDecoder(res.Body).Decode(ui)

	return ui, err
}

type UserInfo struct {
	Email         string `json:"email"`
	EmailVerified bool   `json:"email_verified"`
	Username      string `json:"username"`
	PhoneNumber   string `json:"phone_number"`
	PhoneVerified bool   `json:"phone_verified"`
	UserID        string `json:"user_id"`
	CreatedAt     string `json:"created_at"`
	UpdatedAt     string `json:"updated_at"`
	Identities    []struct {
		Connection string `json:"connection"`
		UserID     string `json:"user_id"`
		Provider   string `json:"provider"`
		IsSocial   bool   `json:"isSocial"`
	} `json:"identities"`
	AppMetadata struct {
	} `json:"app_metadata"`
	UserMetadata struct {
	} `json:"user_metadata"`
	Picture     string   `json:"picture"`
	Name        string   `json:"name"`
	Nickname    string   `json:"nickname"`
	Multifactor []string `json:"multifactor"`
	LastIP      string   `json:"last_ip"`
	LastLogin   string   `json:"last_login"`
	LoginsCount int      `json:"logins_count"`
	Blocked     bool     `json:"blocked"`
	GivenName   string   `json:"given_name"`
	FamilyName  string   `json:"family_name"`
}

I feel like I’m working way to hard and getting nowhere. Any help is greatly appreciated.

I finally figured it out. I had to grant the API itself those permissions. This was not easy to find our understand in the workflow of setting up. This should be more prominent in the quickstart guide. I can’t imagine it’s a stretch that the basics of a setup a user would want an email address…

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.