Create Organization in rules


I am trying to create an organization in a rule. i am following these instructions Get Management API Access Tokens for Production to create an accessToken that is able to call management apis. when logging the response i am always getting “{ error: ‘access_denied’, error_description: ‘Unauthorized’ }” however when i run the same request on postman it returns an accessToken.

  1. Is it possible to create a management api access Token to call management api from the rules usign M2M application credentials?
  2. Is it possible to create a management api access Token to call management api from the hooks (pre-register) usign M2M application credentials?
  3. I need every user that sign up to create a new organization and to be assigned to that organization. how can I achieve this behavior? (Multi Tenancy) just like auth0 multi tenancy flow. on first signup a default tenant is created and we are able to create a new tenant and switch between. Can this flow be implemented using the NEW organization auth0 feature ?

Thank you

Hi @ali.sabryali7,

Welcome to the Community!

Yes, in fact, there is a cached Access Token rules can access which you can read about in the docs. However, the scope is limited to read:users and update:users:

The Access Token for the Management API, which is available through auth0.accessToken , is limited to the read:users and update:users scopes

Since you need the scope create:organizations, you would need to create a new machine-to-machine (M2M) application and authorize it to use the Management API with the create:organizations.
This answer outlines the steps for creating the M2M and writing the rule: Prevent user creation (with hook?) if user is not whitelisted with rule - #5 by stephanie.chamblee

Yes, you would also create a M2M application just like you would for a rule described above.

It sounds like it might be possible, but I will have to do some research to know for sure. I see that you have a ticket for this as well, so I will update here when resolved.

1 Like

My management api access token issue has been resolved :slight_smile: thank you.
I have implemented the logic for creating organization, assigning user to be a member in the organization. enabling organization connections. in a rule that only runs if a user is not assigned to any member. Please update us with your research results

Thank you

1 Like