Hi, I have been struggling with the Management API on iOS. I have an app that uses Auth0 for authentication in pair with graphcool. I have implemented a client for my app that handles Auth and have added a method that wraps up Auth0s own patch function like so:
@witek you should be using the access_token when talking to the Management API (or any API) . The error message you about bad format is interesting. When you are sending in the JWT are you using this header format?
Authorization: Bearer xxx.yyy.zzz
You are receiving a bad request, because Auth0 thinks you are not sending in the JWT properly. The SDKL should do this for you, but it is worth double checking.
Also, can you make sure the access_token is a valid JWT (meaning it is a JWT and not a 32 character opaque string). Also, how are you fetching the access token (e.g. what scopes and audience is set)? Can you provide the body of the JWT?
@witek the refresh_token format should not be of a concern. That token is used to get a new access_token after the access_token expires. In the token response you should see access_token which is a JWT. Since you are trying to get a token for the Management API I would expect the audience to be something like this:
I have change domain in the Auth0.plist. What should I change then? I am not making the api calls directly, I am using Auth0 iOS library as shown above in the first post.