The scope parameter is ignored on the client credentials grant (see Client credentials request ignores scope parameter? for a discussion on this).
As for the audience, the ManagementClient defaults to the regular API v2 audience (https://{your_auth0_domain}/api/v2/) based on the domain configured:
var managerOptions = {
headers: {
'User-agent': 'node.js/' + process.version.replace('v', ''),
'Content-Type': 'application/json'
},
baseUrl: baseUrl
};
if (options.token === undefined) {
var config = assign(
{ audience: util.format(MANAGEMENT_API_AUD_FORMAT, options.domain) },
options
);
if (options.tokenProvider) {
config.enableCache = options.tokenProvider.enableCache;
config.cacheTTLInSeconds = options.tokenProvider.cacheTTLInSeconds;
delete config.tokenProvider;
}
this.tokenProvider = new ManagementTokenProvider(config);
1 Like