Auth0 Home Blog Docs

Management API returns 401 in production but not when running locally

We’re trying to use the Management API in our app. I believe it was working at one point but recently we started getting a 401 when trying to use the api from our production server.

Here’s the code we use to interact with the API:

let auth0Token;
axios({
  url: 'https://long103.auth0.com/oauth/token',
  method: 'post',
  headers: { 'content-type': 'application/json' },
  data: {
    client_id: 'our_auth0_id',
    client_secret: 'our_auth0_secre',
    audience: 'https://long103.auth0.com/api/v2/',
    grant_type: 'client_credentials',
    scope: 'read:users create:users update:users'
  }
})
  .then(({ data }) => {
    auth0Token = data.token_type + ' ' + data.access_token;
  })
  .catch(err => {
    throw new Error(err)
  });


axios('https://long103.auth0.com/api/v2/users', {
        headers: { authorization: auth0Token },
        params: {
          q: 'identities.connection:"FortMorgan"'
        }
      })
        .then(({ data }) => data.map(parseUser))
        .catch(err => {
          throw new Error(err);
        })

The second request only works locally, in production it receives a 401 and fails. It works fine locally though so the id, secret etc. have to be correct.

Any ideas what could be causing this or what we could do to debug this further?

Hi @michaelfarnik,

Everything looks okay at first glance.

Can you look at your logs and see what the failed api call says? Even better, can you DM me the log? I am looking at your tenant and don’t see any failed calls to the management API.

Look at your token and confirm it has the correct scopes here: jwt.io.

It looks like your settings are correct in the API settings.

Let me know.

Thanks,
Dan