Manage users with custom API

I setup a custom API called User Management API with permissions - create:users, read:users and update: users and authorized a custom Machine to Machine application with appropriate grants. When I try to create user using this custom API, I am getting a bad audience error.

Can we manage users using a custom API other than Auth0 Management API?

1 Like

Hi @yogesh.tamrakar,

Welcome to the Community!

You can certainly use your custom API as a proxy API for the management API. Can you show us the code you are using to that returns this error (omitting sensitive data)? The audience should be set to the API identifier when you are requesting the token.

Let me know,
Dan

@yogesh.tamrakar Note that you cannot call Auth0’s management API itself with the access token created for another API. All management API calls need an access token created for the audience https://TENANT.auth0.com/api/v2/.

1 Like

@thameera, @dan.woda - I setup a custom API with permissions - create:users, read:users and update: users and wanting to use that as my user management API instead of default Auth0 Management API which has access to everything.

Then I am getting the auth0 management token from endpoint - oauth/token passing ClientId and ClientSecret for the authorized M2M client with Audience of the custom API. Then I am calling the endpoint - api/v2/users and pass a user object to try to create user and it is failing with bad audience error.

Creating a custom API won’t work. You’ll need to use the default Auth0 Management API.

which has access to everything

If this is the concern, you can always create a new non-interactive app (in Applications) and give it permission for Auth0 Management API with only the required scopes. It won’t have access to the other scopes.

2 Likes

Thanks @thameera! Glad you were able to get this one solved.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.