Management API does not have the correct scopes read:roles

I am trying to get a user’s roles with the Auth0 Management API. I am following the Documentation to the letter and when I try to get the roles I get this message:
{
  "statusCode": 403,
  "error": "Forbidden",
  "message": "Insufficient scope, expected all of: read:users,read:roles",
  "errorCode": "insufficient_scope"
}
This is very confusing, because I am using the access_token provided by the Auth0 Management API (in the API Explorer tab). In the Permission Tab I can clearly see the two scopes described above:


Although, when I go to https://jwt.io/ and decode the access token, it does not have the read:roles scope.

I am trying to understand what the error is. Can someone help me out?

1 Like

Off the cuff but sounds like you need to check the scopes actually assigned to whichever client you are talking to, under the machine-to-machine tab. The Permissions tab is all possible scopes, the machine-to-machine tab is actual scopes assigned to a given client.

1 Like
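
An added example, not part of the original thread and not Auth0's own code: a local check that decodes an access token's payload and lists which of the scopes named in the 403 message are absent from its scope claim, the same comparison the poster made by hand on jwt.io. The token, the tenant URL and all helper names are constructed for illustration; the signature is not verified, so this is for diagnosis only.

```python
import base64
import json

# Scopes the 403 response in the question says the endpoint expects.
REQUIRED = {"read:users", "read:roles"}

def b64url(obj) -> str:
    """base64url-encode bytes, or a JSON-serialisable object, without padding."""
    raw = obj if isinstance(obj, bytes) else json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_sample_token(scope: str) -> str:
    """Build a constructed token with a fake signature (hypothetical tenant)."""
    header = {"alg": "RS256", "typ": "JWT"}
    payload = {"aud": "https://tenant.example/api/v2/", "scope": scope}
    return ".".join([b64url(header), b64url(payload), b64url(b"constructed-sig")])

def decode_payload(token: str) -> dict:
    """Return the claims WITHOUT verifying the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated JWT segments")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    claims = json.loads(base64.urlsafe_b64decode(seg))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims

def granted_scopes(claims: dict) -> set:
    # Assumption: scopes are a space-delimited string in the "scope" claim;
    # a JSON list is also accepted.
    scope = claims.get("scope", "")
    return set(scope if isinstance(scope, list) else str(scope).split())

def missing_scopes(token: str, required=REQUIRED) -> list:
    """Scopes the API expects that the token does not carry, sorted."""
    return sorted(set(required) - granted_scopes(decode_payload(token)))

if __name__ == "__main__":
    token = make_sample_token("read:users read:clients")  # constructed sample
    print("missing:", missing_scopes(token))
```

A non-empty result means the token was issued to a client that has not been granted those scopes, which is the situation the reply above describes.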
