
Management API Unauthorized when account trial is terminated?


#1

Hello, I'm receiving status code 401 when calling the Management API (https://yourdomain.auth0.com/api/v2/clients), but some days ago this was working. When the account trial is terminated, can't I call the Management API?

Tks

Artur Martini


#3

Hey @artur.martini!

A 401 HTTP response means that your request has not been applied because it lacks valid authentication credentials for the target resource.

It’s not dependent on your account. You should be able to call this endpoint. The potential reason for it might be that your token expired and you’re not able to access those specific resources. Can you check this one?

Let me know if that was the reason and if you require further help! Glad to help!


#4

Hello Konrad.

First, thank you for the reply.

I'll detail the process for more information:

I have a client application with all scope access to Management API and Extension API.

To get a token, I use the endpoint https://xxxxxxx.auth0.com/oauth/token with the body:
{
  "client_id": "6N6yG940dIguJ20tnBD3guKt0yCwRO0R",
  "client_secret": "Q6wEJfX1X_FBxnZh_ksAfBKXilHiKgZRfH51eYdzcGVZrUipKrqFuYAvVGxfDwPx",
  "audience": "https://xxxxxx.auth0.com/api/v2/",
  "grant_type": "client_credentials"
}

When I call the authentication endpoint, the response body is:
{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik9FRTNPRGRGTkVVek1VUTJSVE13UmpVek5UUTRSRVUyUmtJMVJUVTNSRFpGT1VVek5VVTBNaUSJ9.eyJpc3MiOiJodHRwczovL2JleHMuYXV0aDAuY29tLyIsInN1YiI6IjZONnlHOTQwZElndUoyMHRuQkQzZ3VLdDB5Q3dSTzBSQGNdsaWVudHMiLCJhdWQiOiJodHRwczovL2JleHMuYXV0aDAuY29tL2FwaS92Mi8iLCJpYXQiOjE1NDM0MDU0NjEsImV4cCI6MTU0MzQ5MTg2MSwiYXpwIjoiNk42eUc5NDBkSWd1SjIwdG5CRDNndUt0MHlDd1JPMFIiLCJndHkiOiJjbGllbnQtY3JlZGVudGlhbHMifQ.RF39I-6oa_6Z2GmKTE4ImTww9-QEF1EAH60bp-6pKB0ZrJ0lKz1LCpg-F1zi7HD89lgUstitwNsoj4QQ7pviYeEujIPLoCehHOiDuxBOOFfveNGNG2KjDEIcjuBkYL8sOh1gFyh03sssNGn37ydKEJKLXHNSaX60_9NpS3BhKRolyrfyP1TOAxylOmrkB9u78XfTWF5k-0f83Nw5zCiWwuLT6ZRV7Kxv_ql5IUIBjJPSGplxJGO8whreYYRE1tptZC4AEAzN23HRTfxHVbyeom-VhgwFKDC31BDgrv9T-ZU3_GVLSLR5taM0dUG_jhYRiiJ95NwCHdh91GZoyJ3zF-w",
  "expires_in": 86400,
  "token_type": "Bearer"
}

The claims of the token are:
{
  "iss": "https://xxxxxx.auth0.com/",
  "sub": "6N6yG940dIguJ20tnBD3guKt0yCwRO0R@clients",
  "aud": "https://xxxxxx.auth0.com/api/v2/",
  "iat": 1543405461,
  "exp": 1543491861,
  "azp": "6N6yG940dIguJ20tnBD3guKt0yCwRO0R",
  "gty": "client-credentials"
}

You can observe that the token expires in one day.
Now, when I call the endpoint to create a client application, https://xxxxxx.auth0.com/api/v2/clients, with the token in the Authorization header and the body:

{
  "name": "Artur Test",
  "grant_types": ["client_credentials"],
  "token_endpoint_auth_method": "client_secret_post",
  "oidc_conformant": true
}

The response body is:
{
  "statusCode": 401,
  "error": "Unauthorized",
  "message": "Invalid token",
  "attributes": {
    "error": "Invalid token"
  }
}

If I try to send a request to the Extension API with the authentication request body:

{
  "client_id": "6N6yG940dIguJ20tnBD3guKt0yCwRO0R",
  "client_secret": "Q6wEJfX1X_FBxnZh_ksAfBKXilHiKgZRfH51eYdzcGVZrUipKrqFuYAvVGxfDwPx",
  "audience": "urn:auth0-authz-api",
  "grant_type": "client_credentials"
}

The response is:

{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik9FRTNPggRGRGTkVVxek1VUTJSVE13UmpVek5UUTRSRVUyUmtJMVJUVTNSRFpGT1VVek5VVTBNUSJ9.eyJpc3MiOiJodwdHRwczovL2JleHMuYXV0aDAuY29tLyIsInN1YiI6IjZONnlHOTQwZElndUoyMHRuQkQzZ3VLdDB5Q3dSTzBSQGNsaWVudHMiLgCJhdWQiOiJ1cm46YXV0aDAtYXV0aHotYXBpIiwiaWF0IjoxNTQzNDA3OTMaazLCJleHAiOjE1NDM0OTQzMzMsImF6cCI6IjZONnlHOTQwZElndUoyMHRuQkQzZ3VLdDB5Q3dSTzBSIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.dvlflpqqWM4wSSV5LfOuzYmUW4NWHJptylSMB5Vo2xwO5BxVUf_2kpdu3ZNAkUHKLxNNmEqIDR7h4CJu1wURPRL1fonKkWHVCtj5vXkvPmmqwM0Sh8aBeWUbQPPeUMcrMssj4JzaDKqZzfgp2r724fHi-CEfIQPCJwW3DOUOx2flalGQJNXWqSSpPsCBUZR2NQLlDTgOBst3SzagMckh2OKJmF4Nswn6C2xRKCjbcBO615IzeiTGrYJ3MIEE8ud_d2QDxELc77zmZ-ALTSJVVQ3-_vdTRPv1oWXtH1FCFQLNPvoyl2VfCJVrdVVzGZyTZqV3U7FNmz-GePiNnZFiLQ",
  "expires_in": 86400,
  "token_type": "Bearer"
}

And for GET ROLES (https://xxxxx.us8.webtask.io/adf6e2f2b84784b57522e3b19dfc9201/api/roles), the response body is:

{
  "statusCode": 403,
  "error": "Forbidden",
  "message": "Insufficient scope"
}

The configuration of the client application follows:

Tks.

Artur Martini
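
A local check of the three token properties this thread turns on (expiry, audience, granted scopes), as an added example that is not part of the original posts or of Auth0's own code. The function names, the `tenant.example` domain and the sample token are constructed here, `create:clients` is assumed to be the scope the create-client call requires, and the payload is decoded without signature verification, so the result is only a diagnostic.

```python
import base64
import json
import time


def decode_claims(token):
    """Return the JWT payload as a dict WITHOUT verifying the signature (diagnostic only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def diagnose(token, expected_aud, required_scopes, now=None):
    """List likely rejection reasons for this token; an empty list means none were found."""
    now = time.time() if now is None else now
    try:
        claims = decode_claims(token)
    except ValueError as exc:  # also covers bad base64, bad UTF-8 and bad JSON
        return ["malformed token: %s" % exc]
    problems = []
    if claims.get("exp", 0) <= now:
        problems.append("expired")
    aud = claims.get("aud")
    if expected_aud not in (aud if isinstance(aud, list) else [aud]):
        problems.append("audience mismatch")
    granted = set(str(claims.get("scope", "")).split())  # assumed: space-delimited "scope" claim
    missing = sorted(set(required_scopes) - granted)
    if missing:
        problems.append("missing scope: " + " ".join(missing))
    return problems


def make_sample_token(claims):
    """Build an unsigned, constructed token for the demo (hypothetical helper)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "constructed"])


# Constructed sample mirroring the claim set in post #4: placeholder tenant, no "scope" claim.
AUD = "https://tenant.example/api/v2/"
SAMPLE = make_sample_token({"iss": "https://tenant.example/", "aud": AUD,
                            "iat": 1543405461, "exp": 1543491861, "gty": "client-credentials"})

if __name__ == "__main__":
    print(diagnose(SAMPLE, AUD, ["create:clients"], now=1543405500))
```

Run against a real access token, the same call shows whether a rejection is more likely to come from an expired token, a token minted for a different audience, or a client that was never granted the scope the endpoint needs.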