I am having trouble requesting roles

fjcapelo · October 21, 2020, 5:48pm

Good afternoon. Through my api in nodejs, I am trying to extract the roles of a user, but I can’t. It gives me an error:
‘Missing authentication’

1.Token request works perfectly

I inject the token in the get request

Captura de pantalla 2020-10-21 a las 19.35.56762×272 25.5 KB

I have done different tests without success. Modifying user, etc, I do not exist.

These are the permissions of a user

Error:
I don’t know if it has something to do with it, but I have noticed in the management api that the token does not allow scopes.

Thank you very much for your help

dan.woda · October 22, 2020, 7:27pm

Hi @fjcapelo,

Welcome to the Community!

Print the token and inspect it with jwt.io, does it include the right scopes? Also, I’m not sure the endpoint you are calling will return the users roles. Check out this end point to get a user’s roles, it also lists what scopes the token will need.

Also, check out our node sdk. It makes things very easy:

fjcapelo · October 23, 2020, 4:00pm

First of all, thank you for your help, because without you this would be impossible.

I must apologize, because after hours of testing, I did not clearly explain my problem.

If you look at the images I sent, you will realize that the real problem is that I can’t even download the list of registered users.

The token is correct and it drops it perfect and I insert in the get request. But I only use this request to get registered users (here I have no intention of knowing roles), however it returns:

data: {
statusCode: 401,
error: ‘Unauthorized’,
message: ‘Missing authentication’
}

So if we don’t manage to download the users, we are hardly going to get the roles.

The get request, I got it down from the address:

From what I understand the end point is correct.

Regarding the Node.js client library, I have the same result. Not authorized.

Thank you very much for your patience. God help us

fjcapelo · October 23, 2020, 4:13pm

In case you can help locate the problem:
If I include the token in the auth0 management, it accepts it. If I try to search for users. Gives the same error:
Captura de pantalla 2020-10-23 a las 18.12.17

dan.woda · October 23, 2020, 4:25pm

@fjcapelo

If you are making a request to the management API your audience should be https://{YOUR_TENANT}.auth0.com/api/v2/

dan.woda · October 23, 2020, 4:26pm

Also, if you go to your dashboard APIs → Auth0 Management API → Test

There is sample code there for retrieving a token and sending it.

fjcapelo · October 23, 2020, 4:38pm

This is my TENANT?
Captura de pantalla 2020-10-23 a las 18.35.57

dan.woda · October 23, 2020, 4:39pm

Yes, that is your tenant.

fjcapelo · October 23, 2020, 4:41pm

This is my request:
Captura de pantalla 2020-10-23 a las 18.39.18

dan.woda · October 23, 2020, 4:42pm

You are missing the Bearer in front of token.

fjcapelo · October 23, 2020, 4:43pm

Yes, it’s the one that I used

fjcapelo · October 23, 2020, 4:45pm

I have found this question, which is the same as mine, but it is unsolved, or at least I do not understand it.

Thank you for your patience.

dan.woda · October 23, 2020, 4:45pm

You are missing the Bearer

var request = require("request");

var options = { method: 'GET',
  url: 'http://path_to_your_api/',
  headers: { authorization: 'Bearer ' + token } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

dan.woda · October 23, 2020, 4:46pm

Can you please DM me your token so I can look at it?

dan.woda · October 23, 2020, 5:04pm

Solved in DMs. It was an issue with the audience.

fjcapelo · October 23, 2020, 5:14pm

Thank you very much¡¡¡¡

system · November 7, 2020, 5:14pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.