Using the official Auth0 Node.js SDK.
Before we make any Management API request, we use the Auth0-provided code snippet to get a machine-to-machine access token and a new client.
```javascript
// Request a machine-to-machine access token (client credentials grant)
const res = await fetch(`${process.env.AUTH0_ISSUER_BASE_URL}/oauth/token`, {
  method: 'post',
  headers: { 'content-type': 'application/json' },
  body: JSON.stringify({
    client_id: process.env.AUTH0_CLIENT_ID,
    client_secret: process.env.AUTH0_CLIENT_SECRET,
    audience: `${process.env.AUTH0_ISSUER_BASE_URL}/api/v2/`,
    grant_type: 'client_credentials'
  })
});
const body = await res.json();
console.log(body); // debug output; note that this writes the access token to the log
// Build a Management API client from the token just issued
return new ManagementClient({
  token: body.access_token,
  domain: `${process.env.AUTH0_TENANT}.au.auth0.com`
});
```
We then try to retrieve user information:
```javascript
await auth0Client.users.get({ id: auth0Id });
```
Sometimes this returns an error message: “Expired token received for JSON Web Token validation”. Not sure what else we can do here. Any ideas?
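A diagnostic for the error quoted above, added here as an example and not part of the original post: it decodes the `exp` and `iat` claims of the access token returned by `/oauth/token` and compares them with the local clock, so an already-expired token or a clock mismatch is visible before the token is passed to `ManagementClient`. The function names, the 60-second margin and the sample token are assumptions constructed for illustration.

```javascript
// Decode a JWT's payload WITHOUT verifying the signature. Diagnostics only:
// never use an unverified payload to make an authorization decision.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) {
    throw new Error('not a compact JWT (expected three dot-separated parts)');
  }
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Report the token lifetime relative to a clock reading (seconds since epoch).
// skewSeconds is a hypothetical safety margin: a token with no more than that
// much lifetime left is treated as unusable.
function tokenExpiryInfo(token, nowSeconds = Math.floor(Date.now() / 1000), skewSeconds = 60) {
  const { iat, exp } = decodeJwtPayload(token);
  if (typeof exp !== 'number') {
    throw new Error('token has no numeric exp claim');
  }
  const secondsRemaining = exp - nowSeconds;
  return {
    iat,
    exp,
    secondsRemaining,
    expired: secondsRemaining <= skewSeconds,
    // iat in the future means the local clock is behind the issuer's clock.
    issuedInFuture: typeof iat === 'number' && iat > nowSeconds,
  };
}

// Build a constructed sample token (placeholder signature, made up for this example).
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.constructed-signature`;
}

const sample = makeSampleToken({ iat: 1700000000, exp: 1700086400 });
// Log only the derived claims, never the token itself.
console.log(tokenExpiryInfo(sample, 1700000100)); // fresh token
console.log(tokenExpiryInfo(sample, 1700086390)); // inside the 60 s margin
```

In the snippet from the post, `tokenExpiryInfo(body.access_token)` could be logged in place of `console.log(body)`, which keeps the token itself out of the logs.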