I am getting a 403 response after Api request

othmanenaamani · September 28, 2021, 7:41pm

I am trying to retrieve users from API using Axios to localhost/3000 like this

...
const accessToken = await getAccessTokenSilently({
      audience: `https://${domain}/api/v2/`,
      scope: "read:users",
 });

...

const options = {
      method: "GET",
      url: `${api}/users`,
        params: {
          q: '',
          search_engine: 'v3',
       },
      headers: {
        Authorization: `Bearer ${accessToken}`,
        'Content-Type': 'application/json',
      },
    };

...
return axios(options)
    .then((response) => response.data)
    .catch((error) => {
      console.error(error);
    });
...

I got the token successfully but always getting an error message:

Error: Request failed with status code 403

I know it is an access token issue, but I don’t know how to fix it, Please Help!

dan.woda · September 29, 2021, 10:18pm

Hi @othmanenaamani,

Welcome to the Auth0 Community!

You cannot get a token with the read:users scope for the management API in a SPA. You need to make this request from a secure server like a backend API.

othmanenaamani · September 30, 2021, 7:30pm

Oh yeah! that wasn’t permitted.

dan.woda · September 30, 2021, 7:56pm

Let us know if you have any other questions!

system · October 15, 2021, 7:56pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.