Management API returning "Unauthorized" "Missing authentication"

So I added a Custom API to support a custom domain and followed the example commands in the API configuration Test page, but it's not working as it should. The Management API is responding with:

    {"statusCode":401,"error":"Unauthorized","message":"Missing authentication"}

  • Step 1 Get an OAuth token with a custom domain as the audience:

    REQUEST:

    curl --request POST \
      --url https://TENANT.auth0.com/oauth/token \
      --header 'content-type: application/json' \
      --data '{"client_id":"CLIENT_ID","client_secret":"CLIENT_SECRET","audience":"https://CUSTOM_DOMAIN/api/v2/","grant_type":"client_credentials"}'
    

    RESPONSE:

    {
      "access_token": "TOKEN",
      "token_type": "Bearer"
    }
    
  • Step 2 Send an API request to your custom domain with the token from the response of step 1:

    REQUEST:

    curl --request GET \
      --url https://CUSTOM_DOMAIN/api/v2/users \
      --header 'authorization: Bearer TOKEN'
    

    RESPONSE:

    {"statusCode":401,"error":"Unauthorized","message":"Missing authentication"}
    

Here are my current scopes on the API:

Am I missing a piece of configuration or going about something wrong here? Any help is much appreciated.

Thanks.

After much trial and error I figured out what was going on. My custom domain that was configured through AWS CloudFront did not have the Authorization header whitelisted. So when the request passed through our custom domain the header was being stripped off.

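One way to check for the cause described in the answer above, as an added example that is not part of the original thread: an offline audit of the `DistributionConfig` object returned by `aws cloudfront get-distribution-config`, reporting which cache behaviors pass the `Authorization` header to the origin. The function names, the sample config and the policy ID placeholder are constructed for illustration.

```python
# Added example (not from the thread): offline audit of a CloudFront
# DistributionConfig for cache behaviors that drop the Authorization header.

def forwards_authorization(behavior):
    """Return 'yes', 'no' or 'check-policy' for one cache behavior."""
    fv = behavior.get("ForwardedValues")
    if fv is not None:  # legacy per-behavior forwarding settings
        items = [h.lower() for h in (fv.get("Headers", {}).get("Items") or [])]
        # "*" forwards every viewer header to the origin
        return "yes" if "*" in items or "authorization" in items else "no"
    if behavior.get("CachePolicyId") or behavior.get("OriginRequestPolicyId"):
        # The header list lives in the policy object, not in this document.
        return "check-policy"
    return "no"


def audit(distribution_config):
    """Map each path pattern to its verdict."""
    out = {"(default)": forwards_authorization(
        distribution_config["DefaultCacheBehavior"])}
    behaviors = distribution_config.get("CacheBehaviors", {}).get("Items") or []
    for b in behaviors:
        out[b["PathPattern"]] = forwards_authorization(b)
    return out


# Constructed sample; IDs are placeholders.
SAMPLE_CONFIG = {
    "DefaultCacheBehavior": {
        "ForwardedValues": {"Headers": {"Quantity": 1, "Items": ["Host"]}},
    },
    "CacheBehaviors": {
        "Quantity": 2,
        "Items": [
            {"PathPattern": "/api/v2/*",
             "ForwardedValues": {
                 "Headers": {"Quantity": 1, "Items": ["Authorization"]}}},
            {"PathPattern": "/static/*",
             "CachePolicyId": "EXAMPLE-CACHE-POLICY-ID"},
        ],
    },
}

if __name__ == "__main__":
    for pattern, verdict in audit(SAMPLE_CONFIG).items():
        print(f"{pattern}: Authorization forwarded = {verdict}")
```

A `check-policy` verdict means the behavior uses a cache or origin request policy, so the header list has to be read from that policy rather than from the distribution config.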