Management API User Authentication

tjb · August 9, 2018, 1:52am

I want to let users modify their accounts using exclusively client-side code and JWTs. It seems the Management API is necessary, but I’m unclear on permissions.

Linking user accounts seems to be possible with simple user JWTs:

But in general, the documentation seems to say the Management API needs a special JWT that should be used server side only.

For example is there any way to let a user directly change their password using this endpoint, with their own JWT?

I tried, but get a “Bad audience” error.

Also, if I understand correctly, and certain parts of the Management API (such as post_identities) can use user tokens, but other require special server only tokens (such as patching users) is this clearly specified somewhere?

konrad.sopala · August 19, 2019, 8:24am

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?

Topic		Replies	Views
Management API usage Help management-api , users	0	74	July 4, 2024
Auth0 management-api for regular web application Help management-api , users	2	535	February 16, 2024
How to allow users to only update/delete their accounts through the management api Help management-api , users	2	1232	February 22, 2023
Help understanding the use of Management API Help	5	5791	June 25, 2019
Best practice for user replication Help management-api , users	0	751	September 6, 2023

Management API User Authentication

Related topics