Right now we are creating, updating and deleting users from Auth0 dashboard but going forward we need to implement that in our website so that our customers can create users on their own. I know that we can use management API to achieve this but since I am new to Auth0 can I get a detailed steps of how to implement this. Our application is a single page NodeJs application and right now I am using the custom API for authentication. Can I use the existing custom API to achieve my requirement ? or should I use Auth0 Management API (System API to achieve this) if that is the case how can I use it with my existing custom API.
Since I am new to Auth0 it will be very helpful to me If I get proper idea of the implementation to be done
You first need to register an Application in the Auth0 Dashboard representing your web application (if you don’t have one), and configure it as Machine to Machine. That will let your app to negotiate an access token for the Management API using Client Credentials (server side without user intervention). After that, go and authorize that application (under the APIs tab in the application settings) to use the Auth0 management API (https://.us.auth0.com/api/v2/).
Once you have that configured, you can use the Client Credential Flow passing the Client ID/Secret and API audience. For example,
var request = new HttpRequestMessage(HttpMethod.Post, $"https://{domain}/oauth/token");
request.Content = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("client_id", clientId),
new KeyValuePair<string, string>("client_secret", clientSecret),
new KeyValuePair<string, string>("audience", $"https://{domain}/api/v2/"),
new KeyValuePair<string, string>("grant_type", "client_credentials")
});
That will give you back an access token that you can use to consume the management API (bearer token). For example, for calling this endpoint, Auth0 Management API v2
Thanks for the reply and it helped me to figure out how to achieve my requirement. One last doubt I am having is I am using the below piece of code to get the Auth0 token
var request = require("request");
var options = { method: 'POST',
url: 'https://auth0.com/oauth/token',
headers: { 'content-type': 'application/json' },
body: '{"client_id":"xxx","client_secret":"xxxx","audience":"https://auth0.com/api/v2/","grant_type":"client_credentials"}' };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
But I only want the access token from it so that I can pass it in authentication header for my management API. I tried using the following option body.access_token it gives me output as undefined can you please help me with this. So that I can use only the access_token