I am trying to get a user’s roles with the Auth0 Management API. I am following the Documentation to the letter and when I try to get the roles I get this message:
{
“statusCode”: 403,
“error”: “Forbidden”,
“message”: “Insufficient scope, expected all of: read:users,read:roles”,
“errorCode”: “insufficient_scope”
}
This is very confusing, because I am using the access_token provided by the Auth0 Managment API (in the API Explorer tab). In the Permission Tab I can clearly see the two scopes described above:
Although, when I go to https://jwt.io/ and decode the access token, it does not have the read:roles scope.
I am trying to understand what the error is. Can someone help me out?