Getting 400 from Management API - can't figure out why

I’m trying to resend a verification email to the user using this endpoint.

My steps are:

  1. Get a management acces token
  2. Get user id from email
  3. Resend the verification email using the above endpoint

1 and 2 work successfully, but 3 is giving me 400s. I’ve tried all possible permutations of the payload and it won’t work. Notably, access token retrieved from (1) does have the update:users scope.

Below’s my code. Would really appreciate guidance! I must be missing something silly.

  1. Get management token
def get_management_token():
    domain = os.environ.get('AUTH0_DOMAIN')
    payload = {
        'grant_type': "client_credentials",  # OAuth 2.0 flow to use
        'client_id': os.environ.get('AUTH0_CLIENT_ID'),
        'client_secret': os.environ.get('AUTH0_CLIENT_SECRET'),
        'audience': f""
    headers = {
        'content-type': 'application/x-www-form-urlencoded'
    res ='https://{domain}/oauth/token',
                        data=payload, headers=headers)
    return res.json()['access_token']
  1. Get user from email
def get_user_by_email(management_token, email):
    params = {"email": email}
    res = get_auth0_endpoint(management_token, '/api/v2/users-by-email', params=params)
    user_id = res[0]['user_id']
    return user_id
  1. Send verification email (this one is failing with a 400)
def send_verification_email(management_token, user_id):
    payload = {
        'used_id': user_id,
        'client_id': os.environ.get('AUTH0_CLIENT_ID'),  # tried without this, no luck
        'identity': {  # tried without this, no luck
            'user_id': user_id.split('|')[1],
            'provider': user_id.split('|')[0],
    res = post_auth0_endpoint(management_token, '/api/v2/jobs/verification-email', payload)

The code I used to check token validity

def check_token_scope(token, required_scope):
    unverified_claims = jwt.get_unverified_claims(token)
    if unverified_claims.get("scope"):
        token_scopes = unverified_claims["scope"].split()
        for token_scope in token_scopes:
            if token_scope == required_scope:
                return True
    return False

Still need help here:)