I’m working in the following scenario:
The application is able to create new users using the Management API.
a) when the user is created we know the user password so we can ask for a token and id_token, this pair is associated with a UUID that we will keep in our database (24h or until the user reads the value). We use this UUID in a link that we will send the user, so the SPA will read the token from the database using this one time use UIDD
b) if we try to create a new user and the user already exists in the auth0 database we still need to send that one-time login email, but this time we don’t know what is the user password so we are not able to get token and id_token for that user
summary: can we get access_token and id_token from Management API or other available services in Auth0 without knowing the user password