Management API returns 401 Unauthorized (Invalid token)

Hi, I followed this to generate access token for management api :

–curl --request POST
–url https://dev-5i8oy1rn.auth0.com/oauth/token
–header ‘content-type: application/json’
–data ‘{“client_id”:““,“client_secret”:””,“audience”:“Ghanem”,“grant_type”:“client_credentials”}’

Token created successfully but when pass it to this end point to check if user email already exists I got 401 :

GET :
https://dev-5i8oy1rn.auth0.com/api/v2/users-by-email?email=mghanem%40itgsoftware.com

Headers: Authorization bearer {token_from_prev_step}

Note that : read:users scope enabled

What I missed here?

1 Like

The expected audience value for a call to obtain an access token to the Management API of the tenant in question would be https://dev-5i8oy1rn.auth0.com/api/v2/ while you’re passing a value likely associated to one of your own API’s (Ghanem).

Thank you for your answer, the audience value you are mentioed is the default value this is true but we changed it.

Anyway, I tried different api and we kept the default audience and same issue still occurred. I can got the token but when use it I got invalid token.

I tried the token provided by auth0 (test api) its working! so I think we missed something in token creation body ?

I’m having a similar issue. Where you able to figure what was going wrong?

1 Like