I use Nuxt.js as frontend and Laravel as Backend API.
(This diagram was originally used by another user, but Iet me borrow it because it fits my use case very well.)
There are two applications in Auth0.
SPA is linked to Nuxt, and Machine to Machine is linked to Laravel.
In this situation, I want to call my Backend API in a Post Login Action.
const { ManagementClient, AuthenticationClient } = require('auth0');
const axios = require("axios");
exports.onExecutePostLogin = async (event, api) => {
const options = {
domain: event.secrets.TENANT_DOMAIN,
clientId: event.secrets.CLIENT_ID,
clientSecret: event.secrets.CLIENT_SECRET,
audience: event.secrets.AUDIENCE
}
const access_token = await getAccessToken(options);
await axios.get('https://{{endpoint}}/api/test2',
{
headers: {
'Authorization': 'Bearer ' + access_token
},
}
)
};
async function getAccessToken(options) {
let key = `access_token_${options.clientId}`;
if (options.audience) {
key += `_${options.audience}`;
}
const authClient = new AuthenticationClient(options);
const {
data: { access_token, expires_in },
} = await authClient.oauth.clientCredentialsGrant({
audience: options.audience ?? `https://${options.domain}/api/v2/`,
});
return access_token;
}
But it fails with “Request failed with status code 401” message.
Secrets are based on the Machine to Machine Application.
I guess that the access_token is invalid.
Is the access_token equal to “Management API Token” in the diagram?
I need “User Access Token” because what I want to call is not Management API but Laravel’s API.
How can I retrieve the “User Access Token” in Actions?
I’m sorry if there are any elementary mistakes or misunderstandings.