Confusion about SPA + Management API and Custom API

parttimehero · August 2, 2020, 6:07pm

Hi Guys,

I have a react SPA with Auth0 working just fine and I can make calls to my custom API.

I want to access the own user’s metadata from my SPA, this is where I am stuck.
(I understand that the SPA has limited access to management API features due to security reasons.)

Since I need to be logged in with my custom API for all my business related API calls, how can I access my user’s metadata.

I am able to login to the Auth0 Management API and get the metadata but than of course I cannot call my custom API.

So how would one solve this issue?

So far I wasn’t able to grant my custom API access to the management API.

Or is my understanding correct, that as soon as I am using a custom API all management API related operations must be redirected to my backend and from there to the management API?

Confused… as the title says…

Thanks for the Help

dan.woda · August 6, 2020, 8:37pm

Hi @parttimehero,

You should be doing most interaction with the management API from your backend. SPAs are limited in what they can do against the management API.

If you just want to access the metadata, that can easily be added to the token in a rule.

Hopefully this helps!

system · August 21, 2020, 8:43pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SPA + Custom API + Management API Help	3	3531	September 3, 2019
Need help accessing Management API using react-auth0-spa-js Help spa , react	4	5788	February 12, 2020
Difficulty Using Management API, getting token Help	3	3092	October 9, 2019
Access Management Api from React Help	7	4165	October 28, 2021
Using token from Custom API to Auth0 Management API Help	3	5448	June 13, 2019

Confusion about SPA + Management API and Custom API

Related topics