Management API token without stepup

Hello,

I have a single page app in next.js, and I was wondering how could I get the managemeant api access token to make a management API call without requiring stepup authentification.

Thank you!

Hi @richardb

Welcome back to the Auth0 Community!

Can you share with me a little bit more context of what are you trying to achive?

Thanks
Dawid

I want the user to be able to modify their user_metadata and change their password on the page I created for that purpose in my next.js app. Therefore, I need to get a Management API access token to be able to call the Management API. To do this I found that I can create an M2M application in Auth0 and get the management api access token through the client_credential flow. It works through Postman, however when I try implementing it in my next.js app, I get CORS issues.

  1. I was wondering if this was the correct way of getting the management api access token, since if I request the token using grant_type “password” to my SPA, the user will have to complete an MFA challenge.

  2. If this is the correct way, how can I fix the CORS issues (I am following the exact method to get the token in the Node.js way shown here)

Thank you for your help!

I am pretty certain that requesting the token through M2M is the correct way of doing things. To fix the CORS issues, simply request it through your backend instead of your frontend.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.