Auth0 Home Blog Docs

Invalid token error while using management API

token
management-api
authorization

#1
const auth0 = new auth0.WebAuth({
  ...clientConfig,
  responseType: 'token id_token',
  scope: 'openid profile'
})

auth0.authorize({ connection: 'github' })

// Successfully redirected to callback page

auth0.parseHash({}, (err, res) => {
  const management = new auth0.Management({
    domain: clientConfig.domain,
    token: res.idToken
  })
  management.getUser(res.idTokenPayload.sub, (err, res) => {
    // Error
    // 401 invalid token
  })
})

Using auth0-js v9, however v8 didn’t work either


#2

You’re trying to use an ID token against the Management API so the 401 is the expected behavior for new tenants/domains or an existing tenants where the Allow ID Tokens for Management API v2 Authentication toggle was disabled.


#3