When I try to use the “Management API”, I get a 401 complaint using the sample code.
The “GET” request appears to be complaining about the “audience” – yet the sample code for the request doesn’t mention “Audience”.
In the Auth0 documentation, I’m lost in the maze of twisty tiny quickstarts and samples that all look just the same.
I have a tenant. I’ve registered an API. I started with the “get users” call of the Management API.
I’ve got sample code from the official Auth0 quickstart.
Here is the sample code I’m using:
var express = require('express');
var app = express();
var axios = require("axios");
const auth0Audience = process.env.AUTH0_BACKEND_AUDIENCE;
const auth0Domain = process.env.AUTH0_DOMAIN;
const localBackendServicesPort = process.env.LOCAL_BACKEND_AUTHENTICATION_PORT;
const auth0ClientID = process.env.AUTH0_BACKEND_TEST_CLIENT_ID;
const auth0ClientSecret = process.env.AUTH0_BACKEND_TEST_CLIENT_SECRET;
const localToken = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkNYRWpPVnFyMnZKT1ptejV0RG95diJ9.eyJpc3MiOiJodHRwczovLzAtMC16ZWV0aXgudXMuYXV0aDAuY29tLyIsInN1YiI6Ilk4UHAwSDZjUUVaSDN2VjdZY2x1ZUdiN3k1UndQc0JYQGNsaWVudHMiLCJhdWQiOiJodHRwczovL3plZXRpeC5zZXJ2aWNlcyIsImlhdCI6MTY2NjY0MTU2OCwiZXhwIjoxNjY2NzI3OTY4LCJhenAiOiJZOFBwMEg2Y1FFWkgzdlY3WWNsdWVHYjd5NVJ3UHNCWCIsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyJ9.tUfQyFob-RfpKvx1Euh5u9GRYfTIWPu33YeKtQ8Dz5Oki2lGULf1n5E7C3mcrRLX9oLlo6bc5S4-IAOssMWChB6EjVUy5huVowTRxzY702Ln9UkbIpksZ5qr8eiuWc60ZxB_IizJWc82Ibl9COvSoR6nQIUD8T0_m0k4EfKcmZ4ikJVQizsbNVcrHFpK9DqCGD0lUTA7R91LW25LZ7fqPLEzH66MKMtyL6U010H-aTRBkD95xXv0xF1cZ9O2W61S93gE3VAT5nBuKClf_EKHMgIlR9mnUoDD2NhzBboKl7cnTILFsywtv19palhZK9enVDlOjo6O6rIIq-RtMFXwfA';
var options = {
method: 'GET',
url: 'https://0-0-zeetix.us.auth0.com/api/v2/users',
params: {q: 'email:"tms@zeetix.com"', search_engine: 'v3'},
headers: {authorization: `Bearer ${localToken}`}
};
axios.request(options).then(function (response) {
console.log(response.data);
}).catch(function (error) {
console.error(error);
});
module.exports = app;
I’ve collected a token with no issues, and for now I’m hard-coding that token in my code while I try to make this work. Here is the nodeJS complaint I get from the above (with hard-coded token):
AxiosError: Request failed with status code 401
at settle (/home/tms/backend/authentication/node_modules/axios/dist/node/axios.cjs:1268:12)
at IncomingMessage.handleStreamEnd (/home/tms/backend/authentication/node_modules/axios/dist/node/axios.cjs:2446:11)
at IncomingMessage.emit (events.js:412:35)
at endReadableNT (internal/streams/readable.js:1333:12)
at processTicksAndRejections (internal/process/task_queues.js:82:21) {
code: 'ERR_BAD_REQUEST',
config: {
transitional: {
silentJSONParsing: true,
forcedJSONParsing: true,
clarifyTimeoutError: false
},
adapter: [Function: httpAdapter],
transformRequest: [ [Function: transformRequest] ],
transformResponse: [ [Function: transformResponse] ],
timeout: 0,
xsrfCookieName: 'XSRF-TOKEN',
xsrfHeaderName: 'X-XSRF-TOKEN',
maxContentLength: -1,
maxBodyLength: -1,
env: { FormData: [Function], Blob: null },
validateStatus: [Function: validateStatus],
headers: AxiosHeaders {
authorization: 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkNYRWpPVnFyMnZKT1ptejV0RG95diJ9.eyJpc3MiOiJodHRwczovLzAtMC16ZWV0aXgudXMuYXV0aDAuY29tLyIsInN1YiI6Ilk4UHAwSDZjUUVaSDN2VjdZY2x1ZUdiN3k1UndQc0JYQGNsaWVudHMiLCJhdWQiOiJodHRwczovL3plZXRpeC5zZXJ2aWNlcyIsImlhdCI6MTY2NjY0MTU2OCwiZXhwIjoxNjY2NzI3OTY4LCJhenAiOiJZOFBwMEg2Y1FFWkgzdlY3WWNsdWVHYjd5NVJ3UHNCWCIsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyJ9.tUfQyFob-RfpKvx1Euh5u9GRYfTIWPu33YeKtQ8Dz5Oki2lGULf1n5E7C3mcrRLX9oLlo6bc5S4-IAOssMWChB6EjVUy5huVowTRxzY702Ln9UkbIpksZ5qr8eiuWc60ZxB_IizJWc82Ibl9COvSoR6nQIUD8T0_m0k4EfKcmZ4ikJVQizsbNVcrHFpK9DqCGD0lUTA7R91LW25LZ7fqPLEzH66MKMtyL6U010H-aTRBkD95xXv0xF1cZ9O2W61S93gE3VAT5nBuKClf_EKHMgIlR9mnUoDD2NhzBboKl7cnTILFsywtv19palhZK9enVDlOjo6O6rIIq-RtMFXwfA',
'User-Agent': 'axios/1.1.3',
'Accept-Encoding': 'gzip, deflate, br',
[Symbol(defaults)]: [Object]
},
method: 'get',
url: 'https://0-0-zeetix.us.auth0.com/api/v2/users',
params: { q: 'email:"tms@zeetix.com"', search_engine: 'v3' },
data: undefined
},
request: <ref *1> ClientRequest {
_events: [Object: null prototype] {
abort: [Function (anonymous)],
aborted: [Function (anonymous)],
connect: [Function (anonymous)],
error: [Function (anonymous)],
socket: [Function (anonymous)],
timeout: [Function (anonymous)],
prefinish: [Function: requestOnPrefinish]
},
_eventsCount: 7,
_maxListeners: undefined,
outputData: [],
outputSize: 0,
writable: true,
destroyed: false,
_last: true,
chunkedEncoding: false,
shouldKeepAlive: false,
_defaultKeepAlive: true,
useChunkedEncodingByDefault: false,
sendDate: false,
_removedConnection: false,
_removedContLen: false,
_removedTE: false,
_contentLength: 0,
_hasBody: true,
_trailer: '',
finished: true,
_headerSent: true,
socket: TLSSocket {
_tlsOptions: [Object],
_secureEstablished: true,
_securePending: false,
_newSessionPending: false,
_controlReleased: true,
secureConnecting: false,
_SNICallback: null,
servername: '0-0-zeetix.us.auth0.com',
alpnProtocol: false,
authorized: true,
authorizationError: null,
encrypted: true,
_events: [Object: null prototype],
_eventsCount: 10,
connecting: false,
_hadError: false,
_parent: null,
_host: '0-0-zeetix.us.auth0.com',
_readableState: [ReadableState],
_maxListeners: undefined,
_writableState: [WritableState],
allowHalfOpen: false,
_sockname: null,
_pendingData: null,
_pendingEncoding: '',
server: undefined,
_server: null,
ssl: [TLSWrap],
_requestCert: true,
_rejectUnauthorized: true,
parser: null,
_httpMessage: [Circular *1],
[Symbol(res)]: [TLSWrap],
[Symbol(verified)]: true,
[Symbol(pendingSession)]: null,
[Symbol(async_id_symbol)]: 5,
[Symbol(kHandle)]: [TLSWrap],
[Symbol(kSetNoDelay)]: false,
[Symbol(lastWriteQueueSize)]: 0,
[Symbol(timeout)]: null,
[Symbol(kBuffer)]: null,
[Symbol(kBufferCb)]: null,
[Symbol(kBufferGen)]: null,
[Symbol(kCapture)]: false,
[Symbol(kBytesRead)]: 0,
[Symbol(kBytesWritten)]: 0,
[Symbol(connect-options)]: [Object],
[Symbol(RequestTimeout)]: undefined
},
_header: 'GET /api/v2/users?q=email:%22tms%40zeetix.com%22&search_engine=v3 HTTP/1.1\r\n' +
'Accept: application/json, text/plain, */*\r\n' +
'authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkNYRWpPVnFyMnZKT1ptejV0RG95diJ9.eyJpc3MiOiJodHRwczovLzAtMC16ZWV0aXgudXMuYXV0aDAuY29tLyIsInN1YiI6Ilk4UHAwSDZjUUVaSDN2VjdZY2x1ZUdiN3k1UndQc0JYQGNsaWVudHMiLCJhdWQiOiJodHRwczovL3plZXRpeC5zZXJ2aWNlcyIsImlhdCI6MTY2NjY0MTU2OCwiZXhwIjoxNjY2NzI3OTY4LCJhenAiOiJZOFBwMEg2Y1FFWkgzdlY3WWNsdWVHYjd5NVJ3UHNCWCIsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyJ9.tUfQyFob-RfpKvx1Euh5u9GRYfTIWPu33YeKtQ8Dz5Oki2lGULf1n5E7C3mcrRLX9oLlo6bc5S4-IAOssMWChB6EjVUy5huVowTRxzY702Ln9UkbIpksZ5qr8eiuWc60ZxB_IizJWc82Ibl9COvSoR6nQIUD8T0_m0k4EfKcmZ4ikJVQizsbNVcrHFpK9DqCGD0lUTA7R91LW25LZ7fqPLEzH66MKMtyL6U010H-aTRBkD95xXv0xF1cZ9O2W61S93gE3VAT5nBuKClf_EKHMgIlR9mnUoDD2NhzBboKl7cnTILFsywtv19palhZK9enVDlOjo6O6rIIq-RtMFXwfA\r\n' +
'User-Agent: axios/1.1.3\r\n' +
'Accept-Encoding: gzip, deflate, br\r\n' +
'Host: 0-0-zeetix.us.auth0.com\r\n' +
'Connection: close\r\n' +
'\r\n',
_keepAliveTimeout: 0,
_onPendingData: [Function: noopPendingOutput],
agent: Agent {
_events: [Object: null prototype],
_eventsCount: 2,
_maxListeners: undefined,
defaultPort: 443,
protocol: 'https:',
options: [Object],
requests: {},
sockets: [Object],
freeSockets: {},
keepAliveMsecs: 1000,
keepAlive: false,
maxSockets: Infinity,
maxFreeSockets: 256,
scheduling: 'lifo',
maxTotalSockets: Infinity,
totalSocketCount: 1,
maxCachedSessions: 100,
_sessionCache: [Object],
[Symbol(kCapture)]: false
},
socketPath: undefined,
method: 'GET',
maxHeaderSize: undefined,
insecureHTTPParser: undefined,
path: '/api/v2/users?q=email:%22tms%40zeetix.com%22&search_engine=v3',
_ended: true,
res: IncomingMessage {
_readableState: [ReadableState],
_events: [Object: null prototype],
_eventsCount: 4,
_maxListeners: undefined,
socket: [TLSSocket],
httpVersionMajor: 1,
httpVersionMinor: 1,
httpVersion: '1.1',
complete: true,
headers: [Object],
rawHeaders: [Array],
trailers: {},
rawTrailers: [],
aborted: false,
upgrade: false,
url: '',
method: null,
statusCode: 401,
statusMessage: 'Unauthorized',
client: [TLSSocket],
_consuming: false,
_dumped: false,
req: [Circular *1],
responseUrl: 'https://0-0-zeetix.us.auth0.com/api/v2/users?q=email:%22tms%40zeetix.com%22&search_engine=v3',
redirects: [],
[Symbol(kCapture)]: false,
[Symbol(RequestTimeout)]: undefined
},
aborted: false,
timeoutCb: null,
upgradeOrConnect: false,
parser: null,
maxHeadersCount: null,
reusedSocket: false,
host: '0-0-zeetix.us.auth0.com',
protocol: 'https:',
_redirectable: Writable {
_writableState: [WritableState],
_events: [Object: null prototype],
_eventsCount: 3,
_maxListeners: undefined,
_options: [Object],
_ended: true,
_ending: true,
_redirectCount: 0,
_redirects: [],
_requestBodyLength: 0,
_requestBodyBuffers: [],
_onNativeResponse: [Function (anonymous)],
_currentRequest: [Circular *1],
_currentUrl: 'https://0-0-zeetix.us.auth0.com/api/v2/users?q=email:%22tms%40zeetix.com%22&search_engine=v3',
[Symbol(kCapture)]: false
},
[Symbol(kCapture)]: false,
[Symbol(kNeedDrain)]: false,
[Symbol(corked)]: 0,
[Symbol(kOutHeaders)]: [Object: null prototype] {
accept: [Array],
authorization: [Array],
'user-agent': [Array],
'accept-encoding': [Array],
host: [Array]
}
},
response: {
status: 401,
statusText: 'Unauthorized',
headers: AxiosHeaders {
date: 'Mon, 24 Oct 2022 20:48:25 GMT',
'content-type': 'application/json; charset=utf-8',
'content-length': '91',
connection: 'close',
'cf-ray': '75f592bd695282e4-IAD',
'cache-control': 'no-cache',
'strict-transport-security': 'max-age=31536000',
vary: 'origin, Accept-Encoding',
'cf-cache-status': 'DYNAMIC',
'access-control-expose-headers': 'WWW-Authenticate,Server-Authorization',
'ot-baggage-auth0-request-id': '75f592bd695282e4',
'ot-tracer-sampled': 'true',
'ot-tracer-spanid': '65f3591070c9f917',
'ot-tracer-traceid': '73a61ff961c05c4e',
traceparent: '00-000000000000000073a61ff961c05c4e-65f3591070c9f917-01',
tracestate: 'auth0-request-id=75f592bd695282e4,auth0=true',
'x-content-type-options': 'nosniff',
server: 'cloudflare',
'alt-svc': 'h3=":443"; ma=86400, h3-29=":443"; ma=86400',
[Symbol(defaults)]: null
},
config: {
transitional: [Object],
adapter: [Function: httpAdapter],
transformRequest: [Array],
transformResponse: [Array],
timeout: 0,
xsrfCookieName: 'XSRF-TOKEN',
xsrfHeaderName: 'X-XSRF-TOKEN',
maxContentLength: -1,
maxBodyLength: -1,
env: [Object],
validateStatus: [Function: validateStatus],
headers: [AxiosHeaders],
method: 'get',
url: 'https://0-0-zeetix.us.auth0.com/api/v2/users',
params: [Object],
data: undefined
},
request: <ref *1> ClientRequest {
_events: [Object: null prototype],
_eventsCount: 7,
_maxListeners: undefined,
outputData: [],
outputSize: 0,
writable: true,
destroyed: false,
_last: true,
chunkedEncoding: false,
shouldKeepAlive: false,
_defaultKeepAlive: true,
useChunkedEncodingByDefault: false,
sendDate: false,
_removedConnection: false,
_removedContLen: false,
_removedTE: false,
_contentLength: 0,
_hasBody: true,
_trailer: '',
finished: true,
_headerSent: true,
socket: [TLSSocket],
_header: 'GET /api/v2/users?q=email:%22tms%40zeetix.com%22&search_engine=v3 HTTP/1.1\r\n' +
'Accept: application/json, text/plain, */*\r\n' +
'authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkNYRWpPVnFyMnZKT1ptejV0RG95diJ9.eyJpc3MiOiJodHRwczovLzAtMC16ZWV0aXgudXMuYXV0aDAuY29tLyIsInN1YiI6Ilk4UHAwSDZjUUVaSDN2VjdZY2x1ZUdiN3k1UndQc0JYQGNsaWVudHMiLCJhdWQiOiJodHRwczovL3plZXRpeC5zZXJ2aWNlcyIsImlhdCI6MTY2NjY0MTU2OCwiZXhwIjoxNjY2NzI3OTY4LCJhenAiOiJZOFBwMEg2Y1FFWkgzdlY3WWNsdWVHYjd5NVJ3UHNCWCIsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyJ9.tUfQyFob-RfpKvx1Euh5u9GRYfTIWPu33YeKtQ8Dz5Oki2lGULf1n5E7C3mcrRLX9oLlo6bc5S4-IAOssMWChB6EjVUy5huVowTRxzY702Ln9UkbIpksZ5qr8eiuWc60ZxB_IizJWc82Ibl9COvSoR6nQIUD8T0_m0k4EfKcmZ4ikJVQizsbNVcrHFpK9DqCGD0lUTA7R91LW25LZ7fqPLEzH66MKMtyL6U010H-aTRBkD95xXv0xF1cZ9O2W61S93gE3VAT5nBuKClf_EKHMgIlR9mnUoDD2NhzBboKl7cnTILFsywtv19palhZK9enVDlOjo6O6rIIq-RtMFXwfA\r\n' +
'User-Agent: axios/1.1.3\r\n' +
'Accept-Encoding: gzip, deflate, br\r\n' +
'Host: 0-0-zeetix.us.auth0.com\r\n' +
'Connection: close\r\n' +
'\r\n',
_keepAliveTimeout: 0,
_onPendingData: [Function: noopPendingOutput],
agent: [Agent],
socketPath: undefined,
method: 'GET',
maxHeaderSize: undefined,
insecureHTTPParser: undefined,
path: '/api/v2/users?q=email:%22tms%40zeetix.com%22&search_engine=v3',
_ended: true,
res: [IncomingMessage],
aborted: false,
timeoutCb: null,
upgradeOrConnect: false,
parser: null,
maxHeadersCount: null,
reusedSocket: false,
host: '0-0-zeetix.us.auth0.com',
protocol: 'https:',
_redirectable: [Writable],
[Symbol(kCapture)]: false,
[Symbol(kNeedDrain)]: false,
[Symbol(corked)]: 0,
[Symbol(kOutHeaders)]: [Object: null prototype]
},
data: {
statusCode: 401,
error: 'Unauthorized',
message: 'Bad audience: https://zeetix.services'
}
}
}
I’m mystified by the message at the end. The GET request doesn’t mention the audience at all. The request I use to get the token uses the value for audience copied from the Auth0 dashboard.
Here is the code I use to collect the token:
const auth0Audience = process.env.AUTH0_BACKEND_AUDIENCE;
const auth0Domain = process.env.AUTH0_DOMAIN;
const localBackendServicesPort = process.env.LOCAL_BACKEND_AUTHENTICATION_PORT;
const auth0ClientID = process.env.AUTH0_BACKEND_TEST_CLIENT_ID;
const auth0ClientSecret = process.env.AUTH0_BACKEND_TEST_CLIENT_SECRET;
const axiosTokenOptions = {
method: 'POST',
url: `https://${auth0Domain}/oauth/token`,
data: {client_id: `${auth0ClientID}`, client_secret: `${auth0ClientSecret}`, audience: `${auth0Audience}`, grant_type: `client_credentials`},
headers: {'content-type': 'application/json'}
};
axios.request(axiosTokenOptions)
.then(function (response) {
console.log(response.data);
auth0TokenSet(response.data.access_token);
})
.catch(function (error) {
console.error(error);
});
The environment variables contain values harvested from the relevant areas of my Auth0 Tenant settings.
What must I do to collect information about my users from the Auth0 “Management API”?