Auth0 Home Blog Docs

Management vs "User" API?


#1

I’m a bit confused about how all the APIs is documented.

I have managed to get a access_token to call the /userinfo endpoint to for example see if the users e-mail is verified.

What i want to do now is to be able to present a user with a non verified e-mail an option to resend this e-mail if they can’t find it.

Then i found various post that suggest me to use the management API to do that. But as far as i understood it i can’t give access to the management API to regular users that just logs in to my site and that i don’t know anything about? I also do not want the user to get some confusing questions when they log in if they will allow access to some API they doesn’t know anything about?

I guess i could do some setup to be able to do some machine-to-machine API calls (i.e my server side code calls the management API via a Token that my server has), but that requires me to use the “Developer Pro” plan and that is WAAAYY more expensive.

Or am i missing something? Should a logged in user be able to do stuff like resending an e-mail by themselves?

Or is there some API or some kind of setup i am missing here?