How to call the management API from an API

This seems like a very, very basic question but I have been bashing my head against a brick wall with this for some time now.

I am creating a SPA with a NodeJS backend. I want the API backend to be able to make calls to the Auth0 management API (to do things like re-send verification emails, list users, etc etc).

I have created an Auth0 “Application” for the SPA frontend.
I have created an Auth0 “API” for the NodeJS backend.
(I do not understand the difference between an “application” and an “api”)

I am able to authenticate with the backend API from the SPA frontend.
However I am unable to authenticate with the Auth0 management API from the NodeJS backend API. I have tried using the node client auth0.ManagementClient with the client id and secret of the backend API, but get an access_denied error.

From what I can understand from the Auth0 management dashboard I get the impression you can only authenticate with the management API from another “application”, not from an “api”. I have successfully authenticated with the management api using the test “API Explorer Application”.

However when I go to set up an “application” for my backend API, none of the options available match what it is:

Should I be setting up the backend API as a machine to machine application? It is very definitely not a CLI. But neither is it a regular web application (which mentions redirects, which the API will definitely not do). And obviously it is not a SPA or Native application either.

I am completely confused as to which option I should be selecting to allow the backend API access to the management API. Please help!

1 Like

It’s a M2M scenario, though based on NodeJS. You’d definitely need to use the Client Credentials Grant to retrieve the access token.
Choose M2M, then follow the Quickstart guides provided for NodeJS.

You can actually also follow the example under Dashboard > APIs > Auth0 Management API > Test > NodeJS on how to get a token and call the API.

var request = require("request");

// Client Credentials Grant: exchange the M2M application's client ID and secret
// for a Management API access token.
var options = {
  method: 'POST',
  url: 'https://YOUR_TENANT.auth0.com/oauth/token',
  headers: { 'content-type': 'application/json' },
  body: JSON.stringify({
    client_id: 'CLIENT_ID',
    client_secret: 'CLIENT_SECRET',
    audience: 'https://YOUR_TENANT.auth0.com/api/v2/',
    grant_type: 'client_credentials'
  })
};

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  // body is the JSON token response (access_token, expires_in, ...)
  console.log(body);
});

2 Likes
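The client-credentials request from the answer above, extended into a token provider a backend could reuse across calls. This is an added example, not part of the original posts and not Auth0's sample code. The names `createTokenProvider`, `listUsers`, `fetchImpl` and `now`, the 60-second refresh margin, and the use of Node 18+ global `fetch` are assumptions of the example.

```javascript
// Added example: cache the Management API token obtained with the
// Client Credentials Grant and attach it to Management API calls.
// createTokenProvider, listUsers, fetchImpl and now are illustrative names.
function createTokenProvider({ domain, clientId, clientSecret,
                               fetchImpl = globalThis.fetch, now = Date.now }) {
  let cached = null; // { token, expiresAt } kept in memory only

  return async function getToken() {
    // Reuse the token until 60 s before expiry (assumed margin) instead of
    // requesting a new one for every Management API call.
    if (cached && now() < cached.expiresAt - 60000) return cached.token;

    const res = await fetchImpl(`https://${domain}/oauth/token`, {
      method: 'POST',
      headers: { 'content-type': 'application/json' },
      body: JSON.stringify({
        client_id: clientId,
        client_secret: clientSecret,
        audience: `https://${domain}/api/v2/`,
        grant_type: 'client_credentials',
      }),
    });
    const data = await res.json();
    if (!res.ok) {
      // Surface only the OAuth error fields (for example access_denied);
      // the request body holds the client secret and is never echoed.
      throw new Error(`token request failed: ${data.error}: ${data.error_description}`);
    }
    cached = { token: data.access_token, expiresAt: now() + data.expires_in * 1000 };
    return cached.token;
  };
}

// List users through the Management API using the cached bearer token.
async function listUsers(domain, getToken, fetchImpl = globalThis.fetch) {
  const res = await fetchImpl(`https://${domain}/api/v2/users`, {
    headers: { authorization: `Bearer ${await getToken()}` },
  });
  if (!res.ok) throw new Error(`Management API returned ${res.status}`);
  return res.json();
}
```

Load the client ID and secret from the backend's environment or secret store rather than from source, and grant the M2M application only the Management API scopes the backend actually uses.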

Thank you! I got it working with this. I have to say I was completely wrongfooted by the distinction between an “Application” and an “API”, and that the description of a M2M application did not seem to match what I wanted to do.

2 Likes

Glad you figured it out @Rosoll!
