Auth0 Home Blog Docs

How to update user from SPA ( use of auth0.js, auth0.Management.patchUserMetadata)




I’m trying to update some user metadata from a single page app by following the explanation given here;

I’m getting a 401 response with the body : {“statusCode”:401,“error”:“Unauthorized”,“message”:“Client is not global”}

Does anybody know what this indicates? And what I may do to resolve the issue?



It appears that you may be using the wrong token. When initializing auth0.Management, you should be using the id token you get from the login. As stated in the documentation, it provides an API Client for the Auth0 Management API (only methods meant to be used from the client with the user token). So first you’d have something like:

var webAuth = new auth0.WebAuth({
  domain: {YOUR_AUTH0_DOMAIN}, 
  clientID: {CLIENT_ID},
  audience: {AUDIENCE},
  redirectUri: {RETURN_URL}, 
  scope: 'openid profile email',
  responseType: 'token id_token'


webAuth.parseHash(function(err, authResult) {
    {here you can get the idToken from authResult.idToken}

This idToken is the one you need to use in the management request, as:

var auth0Manage = new auth0.Management({
  domain: {YOUR_AUTH0_DOMAIN},
  token: authResult.idToken

var userId = xxxxxx;
var userMetadata = {"test": "value"};

auth0Manage.patchUserMetadata(userId, userMetadata, function (err, authResult) {
  if (err) {
  } else {
    console.log("patchUserMetadata succeeded: " + JSON.stringify(authResult));


Thanks for the input.
I think my problem was that I started working with auth0.js version 9 (where it is the access token to be used and where I used a different initial audience and then tried using checkSession to get a token for another audience). After reverting back to version 8 and making sure to request the right scopes from the management api audience it is working.