How to generate a Management API Token Automatically?

I’m trying to automate Management API Token generation and I’m getting the following error:

error: 'access_denied',
error_description: 'Client is not authorized to access "https://squid-adm.auth0.com/api/v2/". You might probably want to create a "client-grant" associated to this API. See: https://auth0.com/docs/api/v2#!/Client_Grants/post_client_grants'

Here are my request options:

var options = {
  method: 'POST',
  url: 'https://MY DOMAIN/oauth/token',
  headers: { 'content-type': 'application/json' },
  body: {
    grant_type: 'client_credentials',
    client_id: 'MY CLIENT ID',
    client_secret: 'MY CLIENT SECRET',
    audience: 'https://MY DOMAIN/api/'
  },
  json: true
};

When I try to make a request to /api/v2/client-grants, it returns:

"statusCode": 401,
"error": "Unauthorized",
"message": "Missing authentication"

With header:

"WWW-Authenticate": "Bearer",
"Content-Type": "application/json; charset=utf-8",
"cache-control": "no-cache"

How can I fix this and automate Management API token generation?

1 Like

There are a few things you need to do/check:

  1. Create a non-interactive client in Auth0, which will be used to represent your service.
  2. Authorize the non-interactive client to call the Auth0 Management API:
    Dashboard > APIs > Auth0 Management API > Non Interactive Clients > Authorize your client
  3. Ensure that the parameters used in the call to /oauth/token are for your non-interactive client:
    {
        grant_type: 'client_credentials',
        client_id: 'NON-INTERACTIVE-CLIENT-ID',
        client_secret: 'NON-INTERACTIVE-CLIENT-SECRET',
        audience: 'https://yourdomain.auth0.com/api/v2/'
    }
  4. Make sure the access token you receive is passed in the Authorization header for every request made to the Management API:
    Authorization: Bearer <access_token>
1 Like
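
Steps 3 and 4 of the answer above as one Node.js helper, added here as an example and not code from the thread: it requests the token with the client credentials grant, reuses it until shortly before `expires_in` runs out, and builds the `Authorization` header. The function name, the 60-second margin, the injectable `fetchImpl`/`now` parameters and the environment variable names in the usage comment are assumptions; the default `fetch` requires Node 18+.

```javascript
// Added example, not code from the thread.
function createManagementTokenSource({ domain, clientId, clientSecret,
                                       fetchImpl = fetch, now = Date.now }) {
  // Management API identifier; must match the API the client was authorized for.
  const audience = `https://${domain}/api/v2/`;
  let cached = null; // { token, expiresAt } kept in memory only

  async function getToken() {
    // Reuse the token until 60 s before expiry instead of minting one per call.
    if (cached && now() < cached.expiresAt - 60000) return cached.token;
    const res = await fetchImpl(`https://${domain}/oauth/token`, {
      method: 'POST',
      headers: { 'content-type': 'application/json' },
      body: JSON.stringify({
        grant_type: 'client_credentials',
        client_id: clientId,
        client_secret: clientSecret,
        audience,
      }),
    });
    const body = await res.json();
    if (!res.ok) {
      // access_denied here points at step 2: the client has no grant for the audience.
      // Only the server's error fields are reported, never the client secret.
      throw new Error(`token request failed: ${body.error}: ${body.error_description}`);
    }
    cached = { token: body.access_token, expiresAt: now() + body.expires_in * 1000 };
    return cached.token;
  }

  // Step 4: header to attach to every Management API request.
  async function authHeaders() {
    return { Authorization: `Bearer ${await getToken()}` };
  }

  return { audience, getToken, authHeaders };
}

// Usage (hypothetical env var names; keep the secret out of source control):
// const src = createManagementTokenSource({
//   domain: process.env.AUTH0_DOMAIN,
//   clientId: process.env.AUTH0_CLIENT_ID,
//   clientSecret: process.env.AUTH0_CLIENT_SECRET,
// });
// const headers = await src.authHeaders();
```
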

@prashant I did it! Thank you for the answer, it helped me a lot.

@prashant
Is there any way to reuse the same regular web application client to address this scenario?