Custom domain 401 when calling management api

I am trying to switch over to universal login flow using a custom domain.

So at the moment I can log in using the custom domain on the client, and it can make calls to my api fine. But I have an endpoint to get the user, which needs to make a call to the auth0 management api,

in the api I’m getting the token like so with the following endpoint and body:

`https://${customDomain}/oauth/token` 
body: {
      grant_type: 'client_credentials',
      client_id: clientId,
      client_secret: clientSecret,
      audience: `https://{customDomain}/api/v2/`,
     }

When I call the management api to get a user like so;

`https://${customDomain}/api/v2/`

with the token I get back from above, I get an 401 error

{ statusCode: 401,
  error: 'Unauthorized',
  message: 'Bad audience: https://{cusomDomain}/api/v2/' }

What am i doing wrong?

Hi @vremerz,

Welcome to the Community!

Are you missing the $ in the template literal? Like this?

 audience: `https://${customDomain}/api/v2/` 

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

If you’re calling the management API you need to use your regular Auth0 domain, not the custom domain.

1 Like