but the token from the dashboard works. not sure why.
machine-machine is set and enabled. only thing don’t understand is that token obtained from api not working but only the token in dashboard works.
Does the M2M application in your dashboard have the required permissions enabled? These are read:users read:roles read:role_members. You can set these by navigating to the M2M application → APIs → Management API:
Hmm I’m unaware of that requirement - Do you mind sharing which specific client_credentials permission(s)? That shouldn’t be required for the /api/v2/users/${userId}/roles as far as I know.