Grant_type for inviting user to an organization?

I have an application which has Organization Settings set to “Team members of organizations”. I want to request a management API token so that I can invite new members to the organization in response to actions users take in the app, but I cannot do this from that client (client_credentials is disallowed). I can use a different m2m client, but then I get an error message saying “organizations is not allowed for this client”. Is there any way to achieve this?

Hi @rafael-kennedy-IM,

Welcome to the Auth0 Community!

This can be accomplished using the Client Credentials grant flow.

To do so, start by creating a Machine-to-Machine application and choose the Management API with the necessary permissions to invite users to an Organization (create:organization_invitations).

Then when this is complete, you should see the Quick Start section of your newly created M2M application that has a code snippet section that you can copy to Get an access token for your API.

Executing that code snippet will issue an access token in the response, which you can use with the Management API’s Create invitations to organization endpoint.

I recommend checking out our Get Management API Access Tokens for Production documentation for more information.

I hope the explanation was clear!

Thanks,
Rueben

Thank you for your prompt response. This is not actually the problem I was encountering. The problem was that the call to invite user was returning “organizations is not allowed for this client”. I have since realized that I can pass a second client_id in the body of that call, so the call can be made in the context of the m2m app that allows the client_credentials grant flow, but be FOR an app that has organizations enabled.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Hi @rafael-kennedy-IM,

Thank you for your response.

The "Organization is not allowed for this client" error happens when the Application’s Organization setting has selected Individuals for personal use:

In this situation, I recommend changing the “What types of end-users will access this application?” value in the Application’s setting page (Auth0 Dashboard > Applications > Applications > Your Application > Organizations tab > Scroll down to the Organization Settings box) to either Both or Team members of organizations.

After this is complete, this error should go away. Could you please let me know how this goes for you?

Thanks,
Rueben