Connect API to SPA Application

,

I have a System Management API with all scopes with an audience https://audience/api/v2 that has the scopes. I also have an SPA with clientId and clientSecret. I want to use this API (or any API) to add/delete users in my SPA. However i don’t see an API tab on my SPA or any way to link the API to my SPA.

When I make a request like https://audience/api/v2/users/auth0|dskjfdksfn using the bearer token from my SPA clientId and Secret i get a 403. How can I use an API to manage my SPA?

Hi @liam_adams,

Thanks for joining the Community!

The Management API can only be used for a limited number of things from a SPA such as updating user metadata:

Creating and deleting users directly from a SPA is not allowed, but you can do such things from your own custom API by creating a Machine-to-Machine application:

You can authorize the Machine-to-Machine app to use the Management API with the specific scopes you require. You can then register your API as a custom API and use its identifier in the SPA:

Here are the docs for using the management API in production: